New Way to Infect a Web Site: Just Buy Advertising

Cybercriminals don't have to hijack a website in order to infect the computers of people visiting it. All they have to do is buy advertising.

According to an article by Lucian Constantin in The Inquirer, people with little regard for your wellbeing have purchased display ads on Bing and Yahoo. The ads are designed to turn up in popular searches, such as "Firefox download." That way, more people will click on them and thus get infected. (They wouldn't get many victims with ads designed to pop up for searches like "Edsel transmission replacement.")

If you click on one of these ads, it will bring you to a page designed to resemble a legitimate location from which you can download the program you're looking for. But what you would actually download is something called a click fraud Trojan. Once it has infected your computer, you can never trust your searches again. Whatever you search for, it's going to point you to the pages it wants you to visit.

To make matters worse, this particular Trojan, called Win32.Malware!Drop, comes with a rootkit. That's a malware component that hides itself deeply inside the operating system, and is very difficult to detect.

This type of malvertising isn't new; it's been around for years. Major search sites do what they can to avoid it. According to Constantin, "in recent years Google, one of the most frequently targeted companies, has implemented strict background checks and other fraud detection methods." Perhaps this has forced the criminal element to other search sites, such as Bing and Yahoo.

All of this adds up to one more reason to keep a first-class antivirus program, such as Trend Micro's Titanium, and to make sure it's running at all times and stays up-to-date.

This story, "New Way to Infect a Web Site: Just Buy Advertising" was originally published by BrandPost.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon