Wednesday, January 30, 2008 9:21 AM
cmosby
Malicious Banner Ads Target Expedia.Com and Rhapsody.Com | TrendLabs | Malware Blog - by Trend Micro
January 29th, 2008 by Bernadette Irinco
For a time, online advertisements have been a constant source of, not only nuisance, but of malware as well. Earlier this month, we’ve seen malicious banner ads being served on popular Web sites, such as Myspace, Excite, and Blick. This time, TrendLabs was alerted to malicious banner ads infiltrating legitimate special interest Web sites such as Expedia.com and Rhapsody.com.
According to Trend Micro security experts, certain malicious .SWF banners have managed to work their way into Expedia.com, a popular site for travel enthusiasts worldwide. Trend Micro detects this particular malicious flash banner as SWF_ADHIJACK.A.
Based on initial analysis, clicking on this ad leads to several redirections, which eventually results to the installation of a rogue antispyware (detected as TROJ_GIDA.A).
Music lovers are also targeted by malware-laden .SWF banners at Rhapsody.com, a music site owned by RealNetworks, which was also found to be employing malicious flash banners. The malicious .SWF URL found in Rhapsody.com is said to be similar to the notorious Skyauction advertisements that were also found to infiltrate the Blick website mentioned earlier.
In any industry, advertising has proven to be an effective way to sell products. Apparently, this holds true in the malware industry, too. It provides yet another method for cyber criminals to effectively spread their malicious code, and earn illicit profits at the same time. With this knowledge, there’s no doubt that cyber criminals will continue with their malvertising campaigns, targeting more and more popular Web sites to “advertise” their malware.
Be a smart buyer, use some common sense, and don’t fall for false (and malicious!) advertising. Not only might you not get your money’s worth, you might also end up spending more without you knowing it.
Hat-tip: Spyware Sucks
Source: Malicious Banner Ads Target Expedia.Com and Rhapsody.Com | TrendLabs | Malware Blog - by Trend Micro
Filed under: Security and Anti-Virus, Internet Hacks, Spam\Phishing