Malware Showing Up On Legit Sites
from the it's-everywhere! dept
Since it’s fairly well known at this point that sketchy sites can try to trick users into installing malware, it appears that malware creators are increasingly looking for ways to make its malware available from more legitimate sites. Two recent stories highlight this trend. First is the news that some hackers successfully rigged Google to link to sites that installed malware on certain popular searches. It took a fairly elaborate scheme to get it to work — and it only lasted for a few days — but it does highlight that just because a site’s found via Google, it doesn’t mean that it’s safe. The second one apparently involves the popular urban legend debunking (or confirming) website, Snopes.com. Apparently, a well-known purveyor of adware has been running questionable or misleading ads (via Slashdot) on the site for over six months. Snopes was apparently told about this ad, but still chose to leave it running.
Filed Under: legit sites, malware
Companies: google, snopes
Comments on “Malware Showing Up On Legit Sites”
Be careful out there
Too many people are trusting the sites they visit.
Ads?
Ads are not good. Adblock+ with noscript is the only safe way to browse. That, and using any os besides windows is a big plus. Noones trying really to install malware on my mac. I don’t need to run with any anti-ware at all. Yes, this could change eventually, but I’m living in the now.
Re: Ads?
or, if you dont use firefox, or want ads blocked in 3rd party software or games, or some video ads blocked (experimental) and a bunch of other cool features, try: admuncher
i’ve seen this happen a few times where i work. often remnant advertising on a network gets resold to distant party remnant ad aggregators, and there’s little to no incentive up front to QA these ads as they come in. it’s just cash in the bank, and when it gets noticed, blink blink, really, a bad ad, blink blink?
lots of folks are still greedy, myopic, selfish, fear-motivated begars, a simple fact of life, so, yes, keep an eye open..
can you imagine, coming home at the end of the day, “hi honey, i really planted some good viruses today”, or, “i really found some clever near-mispellings to park some junk ad- sites on”.
people are useless, for the most part, and deserve the governments they get. after all, it is representative.
Re: Re:
gregory said:
“people are useless, for the most part, and deserve the governments they get. after all, it is representative”
What ?
Wow – have another beer, sounds like you need it.
use your head
I like to read techdirt and slashdot alot. I like everything windows, mac, linux, firefox (not really), ie7. I try to use them all daily (vmware is rocks!) I always here “use firefox! and macs!” you will be safe. It gets annoying. I dont think most of these folks even know what they are talking about, or would even have a clue on how to fix their mac themselves if they had malware problems. All these things do is help protect against yourself if you are not smart enought to avoid malware, and you don’t have to be that smart. My 11 year old occasionally clicks on something stupid, but even knows beter for the most part. Just learn how to browse, duh. IE7 (flame away) is great and kicks the crap out of firefox. It renders sites very nicely, where as firefox always pisses me off because I can not even go to 10 websites without one of them not displaying correctly (go ahaead and blame the coders), in addition to the ugly rendrings compared to ie. It is funny, because it used to be exclusive and hip to use a mac or firefox instead of MS stuff, now all the retards out there are trying to be cool and hip, and it is really starting to show……It is nice to see that the playing field is starting to level. anyway…. it is more WAY more important that the user surfs smartly, does’t matter as much the applications used. And this gets more true everyday.
Re: use your head
“IE7 (flame away) is great and kicks the crap out of firefox. It renders sites very nicely, where as firefox always pisses me off because I can not even go to 10 websites”
IE7 is hardly “great”…it is a definite improvement over IE6, and finally brought itself up to speed with other browsers (still no built in mouse gestures though) that had long outpaced it. Firefox blows IE7 away in functionality due to the extensive plug in community which allows users to customize their browser.
“I always here “use firefox! and macs!” you will be safe. It gets annoying”
Macs are tend to be less susceptible to viruses and malware for a few reasons, including their relatively low market share and being built on a (generally) more secure OS (BSD).
Vanilla Firefox is slightly safer than IE7 for the simple fact that it ignores ActiveX controls. Firefox with AdBlock Plus and NoScript is a hell of a lot safer than IE7. Granted, NoScript uses a whitelist to block javascript, which might annoy some users, but it allows domain level javascript blocking that blows IE’s jscript “on or off” security out of the water.
I’m not sure what type of pages you’re looking at, but I’ve never had any significant problems with Firefox’s rendering of web pages. At worst, a site uses outdated vbscript menus that don’t work, or a particular web app was written exclusively for IE. Other than that, no problems.
The IE7Pro plug-in helps eliminate a few of IE7’s shortcomings, by adding some basic adblocking, but after using both, AdBlock Plus for Firefox is a more robust and effective solution.
Re: use your head
[IE7] renders sites very nicely, where as firefox always pisses me off because I can not even go to 10 websites without one of them not displaying correctly (go ahaead and blame the coders)
haaa…Here is my response to that…
http://ubersoft.net/comic/hd/2000/09/emerson-never-said
I like how everyone here is advertising their favorite adblocking programs. I just got a chuckle from that. Haha
“…just because a site’s found via Google, it doesn’t mean that it’s safe…”
Yeah… I dunno but I’ve always followed that ideology.
Wildly clicking on everyting like a drunken baboon is probably not the best of solutions when looking to top up your v14gr4 prescription.
Snopes has stopped
See the update.
Snopes has pulled the ad but they’ve also shut down any discussion of it in their forum.
Kinda disappointed in Snopes. They have a great site and seems to write with a nice sharp sense of humor. Clearly they had to pull the ad(s) if they were delivering malware, but banning discussion about it seems beneath them..