
Fake antivirus detected at the New York Times

by 잡다한 처리 2009. 9. 14.


Sophos has disclosed an incident in which a fake spyware product popped up on the New York Times website.
What on earth is a world-renowned daily newspaper doing, lol

- View original
http://www.sophos.com/blogs/gc/g/2009/09/14/fake-antivirus-attack-hits-york-times-website-readers/

This weekend readers of the New York Times website, NYTimes.com, were exposed to danger as the popular media outlet served up malicious adverts to some of its visitors.

According to a posting on the website, some readers saw a pop-up message warning them that their computer had been infected, and urging them to install fake anti-virus software (also known as scareware):

New York Times warns of poisoned advert

Aside from a message on its website, The New York Times posted a message on their Twitter feed in an attempt to warn its readers:

It has been reported that the New York Times published a warning on the front page of its website on Sunday (you can see a screenshot here), but by the time I had visited it was no longer apparent.

In the past other media outlets (such as the Daily Mail, ITV and RadioTimes) have fallen foul of poisoned adverts serving up malware and fake anti-virus alerts.

As many media organisations leave the delivery and creation of web adverts to third-party networks they are effectively relying on other companies to deliver an unpolluted stream to their readers. Newspapers like The New York Times therefore still have a responsibility to warn their readers and clean up their ads if a problem is discovered - but I think it's asking too much and impractical to think they should examine every advert in advance. After all, they're just plugging a small piece of JavaScript onto their website that collects the next advert from their provider's database.

It is the advertising network that should be screening adverts to hunt for malicious content, higher up the stream. And it is the responsibility of the webmasters at the media organisations not to do business with ad suppliers who can't manage this problem properly.

Of course, it is little consolation for the poor infected user to know who failed to check what they were delivering properly. As far as they are concerned, they visited NYTimes.com, were warned about a virus infection, and were tricked into installing scareware software that has now compromised their Windows PC.

Fake anti-virus

Fake anti-virus alerts have become one of the biggest revenue-generators for cybercriminals, and as a result we're seeing more attacks all the time either planting malicious scareware on compromised websites, posing as legitimate security companies, or exploiting hot internet search topics.
