Sometimes the only thing you can say about something boils down to the sound of your palm hitting your forehead. We have been seeing many ways in which criminals try to attack unsuspecting users and take over their PCs. One of which has been for quite some time the usage of advertisements as a vehicle to run malicious code on the victim’s browser – also exploiting the fact that these ads show up on the most legitimate sites.
Recently, I ran across an article that “exposes” such a scheme as if it was completely new (see Register article here). My initial response was to tweet about it as it reminded me of how we covered the same issue some years ago. It was late and I was trying to recall how far back was it since this coverage, and surprisingly I got it right! 2007…
Having been running this blog which saves all of my “historical” posts, there is even one dating back to September 2007 here, which references a report I issued for the 2nd quarter of 2007 (means it was written in May) and tracks the story published on the Q1 report (which would mean that I almost missed it and some of these were tracked back at the end of 2006). Funny story how a 3 year old news is reemerging now… For your comfort here are a couple of excerpts from the original research (find the differences…):
Numerous parties are often involved in getting an ad from an advertiser to a consumer. These include advertisers, ad agencies, advertising affiliate networks, adware makers, software makers, distribution affiliates, distribution affiliate networks, and websites. This complicated network of relationships can make it difficult for advertisers to know exactly where their ads are being delivered.
As websites depend more on advertising revenues, they often display ads from third party advertising networks, over which they have little or no control. While legitimate website owners trust advertisers to display non-malicious content, advertisers sometimes “sublet” their space to others. This hierarchy can often comprise several layers, seriously compromising the level of control the website owner has over advertising content.
Bottom line – same as always. If it works, no point of changing anything. Back at the time we were watching sites such as MLB.com, CNN.com and other high profile ones serve malicious ads, and today the situation is not any different. And I thought that I had to keep on the cutting edge of research to keep up in this line of business 🙂