Malvertising Attack Targets TweetMeme

A malicious advertising (malvertising) attack hit TweetMeme on July 15, 2010 when a phony advertiser invaded the tweetmeme.com website.

Describing 'malvertising,' security specialists state that it is a technique for disseminating malicious software through advertising tags delivered via unwary sources like publisher's website, forum, blog comment or user-generated material of other kind. The malvertising allows cyber criminals develop content which executes various types of harmful assaults, the specialists explain.

A particular website, which concentrates on researching and prevention of such malvertising assaults called StopMalvertising, outlined that malevolent advertisements hit TweetMeme users when a fake advertiser from y5-media.com served the malicious ads. Thus, an investigation was conducted into the incident and it was found that an attack with a bogus AV (antivirus) named Security Threat Analysis disseminated those malvertisements.

According to the investigators, queries sent to y5-media.com were returned back via two other websites after which they ended up on the rogueware site. Cyber criminals made their attack subtle to the maximum extent so they could pass unnoticed.

The investigators said that both the websites carried out different examinations to determine if the queries were from a search-engine, a bot, or a proxy since there would be no diversion to the rogueware, as reported by Softpedia on July 15, 2010. In case, a user went to the two malevolent websites, his browser would get a cookie that stops any attack on him in the future.

As online advertising keeps growing, attacks via 'malvertising' also tend to rise, said the researcher. Indeed, Dasient, a security company, supports this verdict in its research paper published during May 2010 in which it was stated that the company, on the basis of their sample, had found 1.3 Million malvertisements viewed daily wherein 59% of them were drive-by downloads and 41% were rogueware or bogus security software.

Hence, security researchers issued a warning to Internet users in late 2009 appeared to be proving right. They had cautioned that there was a possibility of further complicated security attacks during 2010, particularly an anticipated flow of so-called 'malvertising' assaults.

Related article: Malvertising Campaign Strikes Well-Known Websites

» SPAMfighter News - 7/28/2010