Malware Showing Up On Legit Sites

from the it's-everywhere! dept

Since it's fairly well known at this point that sketchy sites can try to trick users into installing malware, it appears that malware creators are increasingly looking for ways to make its malware available from more legitimate sites. Two recent stories highlight this trend. First is the news that some hackers successfully rigged Google to link to sites that installed malware on certain popular searches. It took a fairly elaborate scheme to get it to work -- and it only lasted for a few days -- but it does highlight that just because a site's found via Google, it doesn't mean that it's safe. The second one apparently involves the popular urban legend debunking (or confirming) website, Snopes.com. Apparently, a well-known purveyor of adware has been running questionable or misleading ads (via Slashdot) on the site for over six months. Snopes was apparently told about this ad, but still chose to leave it running.

Filed Under: legit sites, malware
Companies: google, snopes


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Alfred E. Neuman, 29 Jan 2008 @ 6:05pm

    Be careful out there

    Too many people are trusting the sites they visit.

    reply to this | link to this | view in chronology ]

  • identicon
    Hellsvilla, 29 Jan 2008 @ 6:27pm

    Ads?

    Ads are not good. Adblock+ with noscript is the only safe way to browse. That, and using any os besides windows is a big plus. Noones trying really to install malware on my mac. I don't need to run with any anti-ware at all. Yes, this could change eventually, but I'm living in the now.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 29 Jan 2008 @ 7:23pm

      Re: Ads?

      or, if you dont use firefox, or want ads blocked in 3rd party software or games, or some video ads blocked (experimental) and a bunch of other cool features, try: admuncher

      reply to this | link to this | view in chronology ]

  • identicon
    anonymous, 29 Jan 2008 @ 6:27pm

    i've seen this happen a few times where i work. often remnant advertising on a network gets resold to distant party remnant ad aggregators, and there's little to no incentive up front to QA these ads as they come in. it's just cash in the bank, and when it gets noticed, blink blink, really, a bad ad, blink blink?

    reply to this | link to this | view in chronology ]

  • identicon
    gregory, 29 Jan 2008 @ 7:59pm

    lots of folks are still greedy, myopic, selfish, fear-motivated begars, a simple fact of life, so, yes, keep an eye open..

    can you imagine, coming home at the end of the day, "hi honey, i really planted some good viruses today", or, "i really found some clever near-mispellings to park some junk ad- sites on".

    people are useless, for the most part, and deserve the governments they get. after all, it is representative.

    reply to this | link to this | view in chronology ]

    • identicon
      Alfred E. Neuman, 30 Jan 2008 @ 5:13am

      Re:

      gregory said:
      "people are useless, for the most part, and deserve the governments they get. after all, it is representative"

      What ?
      Wow - have another beer, sounds like you need it.

      reply to this | link to this | view in chronology ]

  • identicon
    steve, 30 Jan 2008 @ 6:21am

    use your head

    I like to read techdirt and slashdot alot. I like everything windows, mac, linux, firefox (not really), ie7. I try to use them all daily (vmware is rocks!) I always here "use firefox! and macs!" you will be safe. It gets annoying. I dont think most of these folks even know what they are talking about, or would even have a clue on how to fix their mac themselves if they had malware problems. All these things do is help protect against yourself if you are not smart enought to avoid malware, and you don't have to be that smart. My 11 year old occasionally clicks on something stupid, but even knows beter for the most part. Just learn how to browse, duh. IE7 (flame away) is great and kicks the crap out of firefox. It renders sites very nicely, where as firefox always pisses me off because I can not even go to 10 websites without one of them not displaying correctly (go ahaead and blame the coders), in addition to the ugly rendrings compared to ie. It is funny, because it used to be exclusive and hip to use a mac or firefox instead of MS stuff, now all the retards out there are trying to be cool and hip, and it is really starting to show......It is nice to see that the playing field is starting to level. anyway.... it is more WAY more important that the user surfs smartly, does't matter as much the applications used. And this gets more true everyday.

    reply to this | link to this | view in chronology ]

    • identicon
      Dan, 30 Jan 2008 @ 7:04am

      Re: use your head

      "IE7 (flame away) is great and kicks the crap out of firefox. It renders sites very nicely, where as firefox always pisses me off because I can not even go to 10 websites"

      IE7 is hardly "great"...it is a definite improvement over IE6, and finally brought itself up to speed with other browsers (still no built in mouse gestures though) that had long outpaced it. Firefox blows IE7 away in functionality due to the extensive plug in community which allows users to customize their browser.

      "I always here "use firefox! and macs!" you will be safe. It gets annoying"

      Macs are tend to be less susceptible to viruses and malware for a few reasons, including their relatively low market share and being built on a (generally) more secure OS (BSD).

      Vanilla Firefox is slightly safer than IE7 for the simple fact that it ignores ActiveX controls. Firefox with AdBlock Plus and NoScript is a hell of a lot safer than IE7. Granted, NoScript uses a whitelist to block javascript, which might annoy some users, but it allows domain level javascript blocking that blows IE's jscript "on or off" security out of the water.

      I'm not sure what type of pages you're looking at, but I've never had any significant problems with Firefox's rendering of web pages. At worst, a site uses outdated vbscript menus that don't work, or a particular web app was written exclusively for IE. Other than that, no problems.

      The IE7Pro plug-in helps eliminate a few of IE7's shortcomings, by adding some basic adblocking, but after using both, AdBlock Plus for Firefox is a more robust and effective solution.

      reply to this | link to this | view in chronology ]

    • identicon
      4-80-sicks, 30 Jan 2008 @ 11:25am

      Re: use your head

      [IE7] renders sites very nicely, where as firefox always pisses me off because I can not even go to 10 websites without one of them not displaying correctly (go ahaead and blame the coders)

      haaa...Here is my response to that...

      http://ubersoft.net/comic/hd/2000/09/emerson-never-said

      reply to this | link to this | view in chronology ]

  • identicon
    Trevlac, 30 Jan 2008 @ 7:26am

    I like how everyone here is advertising their favorite adblocking programs. I just got a chuckle from that. Haha

    reply to this | link to this | view in chronology ]

  • identicon
    Cixelsid, 30 Jan 2008 @ 7:48am

    "...just because a site's found via Google, it doesn't mean that it's safe..."

    Yeah... I dunno but I've always followed that ideology.

    Wildly clicking on everyting like a drunken baboon is probably not the best of solutions when looking to top up your v14gr4 prescription.

    reply to this | link to this | view in chronology ]

  • identicon
    Petréa Mitchell, 30 Jan 2008 @ 9:50am

    Snopes has stopped

    See the update.

    reply to this | link to this | view in chronology ]

  • identicon
    Lucretious, 30 Jan 2008 @ 12:43pm

    Snopes has pulled the ad but they've also shut down any discussion of it in their forum.

    reply to this | link to this | view in chronology ]

  • icon
    MIKEMJF (profile), 28 Dec 2009 @ 8:03am

    Kinda disappointed in Snopes. They have a great site and seems to write with a nice sharp sense of humor. Clearly they had to pull the ad(s) if they were delivering malware, but banning discussion about it seems beneath them..

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.