October 27th, 2009
Malware ads served from Gizmodo
[ UPDATE: Dancho has more details on this attack ]
Popular gadget blog Gizmodo has acknowledged falling victim to an “elaborate scam” that served malicious ads for scareware (fake anti-virus) to its readers.
In an apology posted online, Gizmodo said the its ad sales team was tricked into running malicious ads purporting to be from Suzuki. This follows a similar attack that affected advertisements served from the New York Times site.
Here’s the note from Gizmodo’s editor:
Guys, I’m really sorry but we had some malware running on our site in ad boxes for a little while last week on Suzuki ads. They somehow fooled our ad sales team through an elaborate scam. It’s taken care of now, and only a few people should have been affected, but this isn’t something we take lightly as writers, editors and tech geeks. (And we would have noticed sooner except everyone on staff is on OS X or Linux for production machines.) Everything should be cleared up but you should be checking “qegasysguard.exe” if you’re experiencing random popups. Be careful, load up some antivirus and make sure your system is clean. I’m sorry.
Here’s a good primer from SANS on the malvertising scourge. Also see Dancho’s ultimate guide to scareware protection.
Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.
For daily updates on Ryan's activities, follow him on Twitter.
Subscribe to Zero Day via Email alerts or RSS.
