Client Login
 Quick Contact
Google DoubleClick Found Serving Malicious Ad
Category : General 11 Dec 2010 10:13 AM | Industry News
DoubleClick, the Google-owned ad technology, has been distributing malware in an online ad served through a number of websites, according to the security researcher who says he discovered the attack.
It’s not known how many machines may have been infected by the malicious ad or how many web sites have displayed it. Huang says the infections appear to have begun no earlier than Dec. 4.
The malware infects users who visit a page where an infected banner ad is displayed. It’s installed as a drive-by download, meaning that users don’t have to click on the ad to be infected, they just have to visit a website when the ad appears on the page. The malicious advertisement came from a fictitious company called ""—a knockoff of the real that spells its name with two f's instead of three, Huang explained.
"We've notified the real and DoubleClick, and both companies have responded very quickly to the incident," he said. "AdShuffle has taken the details provided by Armorize in attempt to shut down the malicious domains, and DoubleClick has taken measures on Dec. 8 and 9 to ensure prevention of similar attacks. We were pleasantly surprised that both companies worked very quickly upon receiving the information and were very responsible in their actions."
Huang said he did not know how many sites were affected. The malware the company detected installs "HDD Plus" onto the victim's PC. The program produces a fake Windows alert telling victims their computers are infected and then prompting them to purchase a security program to repair them.