Flash Ads Serving Up Malware on Popular Sites -- Visual Studio Magazine

Flash Ads Serving Up Malware on Popular Sites

By Dian Schaffhauser
02/07/2008

Malicious Flash banner ads have been surfacing on major web sites including Expedia.com, Rhapsody.com, and MayoClinic.com in the last month, according to media reports.

Users who click on the banners, which advertise a digital music service, a student dating service, and disk cleaning software, are redirected to Web sites that proceed to install malware on their PCs.

Sandi Hardmeier, who writes "Spyware Sucks," first reported the rogue ads in a blog entry Jan. 28, referencing a well known malicious domain hosting site, securehost.com. The trail was next picked up by Trend Micro, which reported that the banners had to have made their way into the advertising supply chain by ad networks.

RealNetworks, which produces Rhapsody.com, first learned of the ads Jan. 20 and removed them four days later. The company declined to identify what supplier was feeding the ads.

In a post Feb. 5, Hardmeier adamantly stated that browsers are not responsible for the hijackings. She blamed Adobe and Macromedia, the owners and creators of Flash, for not implementing security measures such as the ability for users to turn off redirects in the product. "Flash has turned into the Typhoid Mary of the Internet," she wrote.

About the Author

Dian L. Schaffhauser is a freelance writer based in Northern California.

Printable Format

comments powered by Disqus

Featured

Visual Studio 2022 Getting VS Code 'Command Palette' Equivalent

As any Visual Studio Code user knows, the editor's command palette is a powerful tool for getting things done quickly, without having to navigate through menus and dialogs. Now, we learn how an equivalent is coming for Microsoft's flagship Visual Studio IDE, invoked by the same familiar Ctrl+Shift+P keyboard shortcut.
.NET 9 Preview 3: 'I've Been Waiting 9 Years for This API!'

Microsoft's third preview of .NET 9 sees a lot of minor tweaks and fixes with no earth-shaking new functionality, but little things can be important to individual developers.
Data Anomaly Detection Using a Neural Autoencoder with C#

Dr. James McCaffrey of Microsoft Research tackles the process of examining a set of source data to find data items that are different in some way from the majority of the source items.
What's New for Python, Java in Visual Studio Code

Microsoft announced March 2024 updates to its Python and Java extensions for Visual Studio Code, the open source-based, cross-platform code editor that has repeatedly been named the No. 1 tool in major development surveys.
Microsoft Build 2024 Sessions Listed: Copilots, Copilots & More Copilots

Microsoft today announced the session catalog for its Build developer conference next month in Seattle, with AI unsurprisingly dominating the event.

Subscribe on YouTube

.NET Insight

Email Address*Country*

Please type the letters/numbers you see above.

Upcoming Training Events

0 AM

Visual Studio Live! Chicago
April 29-May 3, 2024

VSLive! 2-Day Training Seminar: Building Cloud-Ready, Resilient Systems in .NET
June 4-5, 2024

VSLive! 4-Day Hands-On Training Seminar: Full Stack Hands-On Development with .NET (Core)
July 16-19, 2024

Visual Studio Live! Microsoft HQ
August 5-9, 2024

Live! 360 2-Day Hands-On Seminar: Swimming in the Lakes of Microsoft Fabric and AI - A Hands-on Experience
August 20-21, 2024

VSLive! 4-Day Hands-On Training Seminar: Hands-on with Blazor
September 17-20, 2024

VSLive! 2-Day Hands-On Training Seminar: Developing Secure ASP.NET Web Apps
September 24-25, 2024

Live! 360 Orlando
November 17-22, 2024

VSLive! 4-Day Hands-On Training Seminar: Full Stack Hands-On Development with .NET (Core)
December 10-13, 2024

Free Webcasts

> More Webcasts