Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Perimeter e-Security Disclosed a Fake Antivirus Serving MLB.com

Security experts from security firm Perimeter e-Security have found that the Major League Baseball (mlb.com) site has been distributing fake antivirus malware through a compromised ad network.

"Over the past week, we (Perimeter e-Security) noticed that various customers trying to download several "fake antivirus" malware had approached MLB.com instantly before attempting to install. We suspected an infected ad network, though we require the proof. Once the page is refreshed, MLB.com for 20-30 times, we were ultimately given the [malicious] redirect...," Perimeter e-Security report explains.

This particular drive-by attempting to download actually needs some user interaction. Once "Clean Computer" is clicked, the user is driven to download the file setup.exe containing actual fake-AV program. Like most fake-AV programs, it fakes scanning the victim's computer, find all files that are claimed as infected, and then endeavors to obtain the victim to purchase the "Full Version" to take away the non-existent threats for the low, low price of $99.99. This specific variant presents itself as "Windows Secure Web Patch". However, the program is fraudulent.

After analyzing the packet captured during the process of infection, Perimeter e-Security confirmed itself from the website adginserver.com, an ad server referenced by MLB.com.

Later on, it (Perimeter e-Security) claimed that the precise advert that provides the fake-anti-virus is on upon the MLB news page and spots to plentywatch.com. However, the banner image is collected on gipcampaign.com, injected with an IFRAME that readdress to adginserver.com.

However, the MLB's page rotates its ad display instantly, and thus every visit does not exhibit this malevolent advert, but as MLB.com secures the 77th position in the US and 344th globally, and approximately 3.24 Million, consumers think that these pages every day. Though the advert were only exhibited once every 100 page views it would influence over 300,000 PCs.

Early last year (2012), the public website for the London Stock Exchange was hit by a similar campaign when one of the online ads turned out to be malicious.

Online advertisements are a significant problem because of which several Internet companies (like Facebook, Twitter, and AOL) recently banded together to fight malicious online ads, commented Maxim Weinstein, the Ads Integrity Alliance Executive Director, which was published by Security Watch on June 19, 2012.

Related article: Parents Should Protect Their Children from Social Networking Danger

ยป SPAMfighter News - 7/3/2012

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page