Malicious ads target sports fans

By on
Malicious ads target sports fans
A group peddling rogue antivirus software has duped several major websites into serving users with unwanted downloads.

Major League Baseball's MLB.com, the National Hockey League's NHL.com, and the website for business magazine The Economist have all fallen victim.

Security researcher Roger Thompson from Exploit Prevention Labs demonstrated the ads, which have since been removed, in a video hosted on YouTube.

The video shows the advertisements 'hijacking' the browser to direct the user away from the original site and attempt to perform an unsolicited software download and installation.

The ads use a tactic known as 'scan and scare'. The user is offered a free system scan which returns misleading results in an attempt to scare the user into paying for the software.

'Scan and scare' is a favourite among rogue security vendors that sell intentionally ineffective or malicious security software.

The ads were first believed to be coming from the DoubleClick network, although the company has since been cleared of any blame.

Researchers claim that the sites were contacted directly by the advertisers, who then managed the ads through DoubleClick's Dart ad-serving system.

The malicious Flash files contain code which redirects traffic from the host, past DoubleClick's servers and to a site which tries to serve the unwanted download.

DoubleClick said in a statement provided that it is updating its system to track down and remove the malicious ads.

"Unfortunately, there are bad actors who misrepresent themselves and purchase advertising as an avenue to distribute malware," said the company. "We are going to continue to take proactive and reactive steps."

DoubleClick recommends that publishers carefully research prospective advertisers and keep a close eye on the behaviour of banner ads.

DoubleClick is hardly alone in the struggle to block out malicious and intrusive ads. Ad vendors and researchers have long warned that rogue security vendors use so-called 'bait and switch' techniques to swap out normal ads with malicious files.

This has resulted in an ongoing cat-and-mouse game in which malware vendors adopt new techniques to stay ahead of the screening systems used by the advertising networks.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
ads fans malicious security sports target

Partner Content

Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Kaseya Dattocon APAC 2024 is Back
Kaseya Dattocon APAC 2024 is Back
Tech For Good program gives purpose and strong business outcomes
Tech For Good program gives purpose and strong business outcomes

Sponsored Whitepapers

Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
2025 State of Machine Identity Security Report

Events

techpartner.news MSP index - Brisbane
techpartner.news MSP index - Brisbane
techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025

Most read articles

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services
Vic gov to spend $100m on cyber security

Vic gov to spend $100m on cyber security
MSPs pressed to review ransomware response as new reporting rules commence

MSPs pressed to review ransomware response as new reporting rules commence
Tech Research Asia to present Australian IT M&A report

Tech Research Asia to present Australian IT M&A report

Log in

Email:
Password:
  |  Forgot your password?