For a brief period this week, cybercriminals managed to infect Google's and Microsoft's online ad networks with malicious advertisements that attacked user's PC's according to security consultancy Armorize.
The attacks started around Dec. 5 and lasted a few days, sending victims who clicked on the ads to malicious Web pages. Those pages took advantage of known software bugs to install backdoor programs that gave the attackers control of the victims' PCs, or to install software that made it appear as though the PCs were filled with malicious software.
Google acknowleged Friday that it had experienced some issues on its DoubleClick network but said it had put a stop to them quickly.
The ads exploit bugs in Adobe Reader, Java and other PC software. The bugs have been previously identified, which means people with up-to-date software and antivirus products should not be at risk.
Criminals have slid malicious ads into circulation before. Last year, the New York Times was tricked into running a fake Ad for the Vonage VOIP Service. It generated fake antivirus warnings that encouraged readers to buy bogus security software.
The Doubleclick and Hotmail ads appear to have been more dangerous, however, in that they attacked computers and installed malicious software, such as the HDD Plus Fake Optimizer Tool.
Posts
