Tuesday, April 13, 2010

“Malicious Facebook Ad Redirects to Fake Antivirus Software” plus 3 more

“Malicious Facebook Ad Redirects to Fake Antivirus Software” plus 3 more

Five Filters featured article: Chilcot Inquiry. Available tools: PDF Newspaper, Full Text RSS, Term Extraction.

Malicious Facebook Ad Redirects to Fake Antivirus Software

Posted: 12 Apr 2010 06:40 AM PDT

A malicious advertisement has been found within an application for Facebook that redirects users to fake antivirus software, according to a security researcher.

The banner advertisement for greeting cards is intermittently displayed with an application called Farm Town, which has more than 9 million monthly users according to information published on Facebook.

If the bad Shockwave Flash advertisement is displayed, the user is redirected from Facebook through several domains and ends up on a Web site selling fake antivirus software, said Sandi Hardmeier, who studies malicious advertisements and blogged about the issue.(See also "How to Remove Fake AV Software.")

Farm Town's developer, SlashKey, has a notice on its Web site saying it has notified its developers of the problem.

"We believe at this time that it is harmless to your computer and a result of one or more of the ads on the site, but you should not follow any links to any software claiming to 'clean your system,'" the notice reads. "Most good antivirus/malware program will catch and quarantine this malware."

Hardmeier disagrees that it is harmless. "I'm disappointed that they are trying to minimize the perception of risk," she said.

Fake antivirus sites usually tell users their computers are infected and implore them to download the software, which is often completely ineffective. Consumers are charged as much as US$70 for the software, which is also difficult to remove, and have trouble recovering their money.

There are hundreds of fake antivirus programs, and security experts estimate it is a multimillion dollar industry. Panda Security wrote in a report last year that as many as 35 million computers worldwide may be infected with fake antivirus programs each month.

Google's Chrome browser did detect the malicious domains used to redirect the user and blocked the attack. The company has "safe browsing" technology built into its browser that will block users from going to potentially harmful Web sites. Internet Explorer 8, however, did not, Hardmeier said. She was in the process of testing Firefox on Monday morning.

Hackers have been known to figure out ways to slip their malicious advertisements onto ad networks that supply advertisements to innumerable Web sites. Many ad networks have taken steps to ensure malicious ads don't circulate. But there are ways around using the ad networks.

"The bad guys are going straight to site owners and offering them advertising," Hardmeier said via instant message. "The responsible networks are monitoring for the bad stuff and catching it and will suspend the bad campaigns immediately."

Hardmeier said she has notified cubics.com, which delivered the ad to Farm Town, and is in the process of notifying Facebook. Officials at Facebook could not be immediately reached.

Social networking sites such as Facebook are a prime target for scammers due to their high number of users and potential victims.

Five Filters featured article: Chilcot Inquiry. Available tools: PDF Newspaper, Full Text RSS, Term Extraction.

Malicious Facebook ad redirected to fake antivirus software

Posted: 12 Apr 2010 04:51 PM PDT

A malicious advertisement has been found within an application for Facebook that redirected users to fake antivirus software, according to a security researcher.

The banner advertisement for greeting cards was intermittently displayed with an application called Farm Town, which has more than 9 million monthly users according to information published on Facebook.

If the bad Shockwave Flash advertisement was displayed, the user was redirected from Facebook through several domains and ended up on a Web site selling fake antivirus software, said Sandi Hardmeier, who studies malicious advertisements and blogged about the issue.

Farm Town's developer, SlashKey, has a notice on its Web site saying it has notified its developers of the problem.

"We believe at this time that it is harmless to your computer and a result of one or more of the ads on the site, but you should not follow any links to any software claiming to 'clean your system,'" the notice reads. "Most good antivirus/malware program will catch and quarantine this malware."

Hardmeier disagrees that it is harmless. "I'm disappointed that they are trying to minimize the perception of risk," she said.

The bad advertisement has since been pulled, said Matt Brummett, account manager at Adknowledge, the online advertising network that owns Cubics.com, which served the ad. The agency that supplied Cubics.com with the ad, AdSeven Media, based in the Netherlands, has been banned from their network, Brummett said.

Brummett said Adknowledge uses both technical and other checks to keep out bad ads, but on rare occasions the safeguards are circumvented."We have identified the breakdown on this occurrence, and it will be remedied," he said.

Fake antivirus sites usually tell users their computers are infected and implore them to download the software, which is often completely ineffective. Consumers are charged as much as US$70 for the software, which is also difficult to remove, and have trouble recovering their money.

There are hundreds of fake antivirus programs, and security experts estimate it is a multimillion dollar industry. Panda Security wrote in a report last year that as many as 35 million computers worldwide may be infected with fake antivirus programs each month.

Google's Chrome browser did detect the malicious domains used to redirect the user and blocked the attack. The company has "safe browsing" technology built into its browser that will block users from going to potentially harmful Web sites. Internet Explorer 8, however, did not, Hardmeier said. She was in the process of testing Firefox on Monday morning.

Hackers have been known to figure out ways to slip their malicious advertisements onto ad networks that supply advertisements to innumerable Web sites. Many ad networks have taken steps to ensure malicious ads don't circulate. But there are ways around using the ad networks.

"The bad guys are going straight to site owners and offering them advertising," Hardmeier said via instant message. "The responsible networks are monitoring for the bad stuff and catching it and will suspend the bad campaigns immediately."

Hardmeier said she notifiedCubics.com, which delivered the ad to Farm Town, and is in the process of notifying Facebook. Officials at Facebook could not be immediately reached.

Social networking sites such as Facebook are a prime target for scammers due to their high number of users and potential victims.

Five Filters featured article: Chilcot Inquiry. Available tools: PDF Newspaper, Full Text RSS, Term Extraction.

Update: Malicious Facebook ad redirects to fake antivirus software

Posted: 12 Apr 2010 07:19 AM PDT

Google's Chrome browser was able to detect the malicious domains used to redirect users and blocked the attack, but Internet Explorer 8 did not

A malicious advertisement has been found within an application for Facebook that redirected users to fake antivirus software, according to a security researcher.

The banner advertisement for greeting cards was intermittently displayed with an application called Farm Town, which has more than 9 million monthly users according to information published on Facebook.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and Security Central newsletter, both from InfoWorld. ]

If the bad Shockwave Flash advertisement was displayed, the user was redirected from Facebook through several domains and ended up on a Web site selling fake antivirus software, said Sandi Hardmeier, who studies malicious advertisements and blogged about the issue.

Farm Town's developer, SlashKey, has a notice on its Web site saying it has notified its developers of the problem.

"We believe at this time that it is harmless to your computer and a result of one or more of the ads on the site, but you should not follow any links to any software claiming to 'clean your system,'" the notice reads. "Most good antivirus/malware program will catch and quarantine this malware."

Hardmeier disagrees that it is harmless. "I'm disappointed that they are trying to minimize the perception of risk," she said.

The bad advertisement has since been pulled, said Matt Brummett, account manager at Adknowledge, the online advertising network that owns Cubics.com, which served the ad. The agency that supplied Cubics.com with the ad, AdSeven Media, based in the Netherlands, has been banned from their network, Brummett said.

Brummett said Adknowledge uses both technical and other checks to keep out bad ads, but on rare occasions the safeguards are circumvented. "We have identified the breakdown on this occurrence, and it will be remedied," he said.

Fake antivirus sites usually tell users their computers are infected and implore them to download the software, which is often completely ineffective. Consumers are charged as much as $70 for the software, which is also difficult to remove, and have trouble recovering their money.

There are hundreds of fake antivirus programs, and security experts estimate it is a multimillion dollar industry. Panda Security wrote in a report last year that as many as 35 million computers worldwide may be infected with fake antivirus programs each month.

Google's Chrome browser did detect the malicious domains used to redirect the user and blocked the attack. The company has "safe browsing" technology built into its browser that will block users from going to potentially harmful Web sites. Internet Explorer 8, however, did not, Hardmeier said. She was in the process of testing Firefox on Monday morning.

Hackers have been known to figure out ways to slip their malicious advertisements onto ad networks that supply advertisements to innumerable Web sites. Many ad networks have taken steps to ensure malicious ads don't circulate. But there are ways around using the ad networks.

"The bad guys are going straight to site owners and offering them advertising," Hardmeier said via instant message. "The responsible networks are monitoring for the bad stuff and catching it and will suspend the bad campaigns immediately."

Hardmeier said she notified Cubics.com, which delivered the ad to Farm Town, and is in the process of notifying Facebook. Officials at Facebook could not be immediately reached.

Social networking sites such as Facebook are a prime target for scammers due to their high number of users and potential victims.

additional resources

White Paper

Virtual Workforce: The Key to Expanding The Business While Cutting Costs

Get the independent advice and expertise you need to support a virtual workforce.

Go inside:
The three-step approach to making a virtual workforce a reality.
The four flavors of client virtualization technologies.
The three key initiatives that solve IT challenges.
Download now »

White Paper

Addressing Linux Threats Leveraging Fewer Resources

The increase in Linux popularity has increased the frequency and sophistication of malware attacks. Read this 2 page white paper now to learn how you can protect your Linux environment with real-time protection that is certified by all major Linux vendors.

Download now »

White Paper

The 2009 Handbook of Application Delivery

Ensuring acceptable application delivery will become even more difficult over the next few years. As a result, IT organizations need to ensure that the approach that they take to resolving the current application delivery challenges can scale to support the emerging challenges. This handbook elaborates on the key tasks associated with planning, optimization, management and control and provides decision criteria to help IT organizations choose appropriate solutions.

Download now »

White Paper

Mid-range Storage Considerations

A common misconception is that mid-range storage requirements are dramatically different than that of a larger enterprise. Mid-range storage users may require less capacity, but they have similar functionality and management requirements. This ESG paper examines mid-range storage needs and reviews a new solution that adjusts size while retaining value, performance and functionality.

Download now »

Five Filters featured article: Chilcot Inquiry. Available tools: PDF Newspaper, Full Text RSS, Term Extraction.

Vexira Antivirus Saves Marlin Independent School District Thousands of Dollars

Posted: 12 Apr 2010 06:08 AM PDT

Marlin Independent School District in Texas improves virus, spyware and malware protection and lowers costs with Vexira Antivirus

Medina, OH (PRWEB) April 12, 2010 -- MEDINA, Ohio, (PRWEB) April 12, 2010 Central Command Inc., a leading provider of antivirus, antispyware and Internet threat protection solutions for schools, businesses and enterprises, announced today that Marlin Independent School District in Marlin Texas switched to Vexira Antivirus and saved thousand of dollars and increased the malware protection for students, faculty and staff.

News ImageVexira Antivirus is a next generation antivirus, antispyware and Internet threat protection solution specifically designed to defend distributed networks with both proactive defenses and reactive protection. It is purpose-built to ensure that malware does not penetrate and infect desktops, laptops, netbooks or servers contained within a network.

"After changing to Vexira across our school district's campuses we witnessed an immediate drop in virus and spyware infection support incidents. The Vexira Safe@School discounted pricing for schools saved us thousands of dollars and simultaneously increased our ability to defend ourselves from viruses, spyware and other Internet threats. Vexira is easy to use and support has been great," said Barry Carson, Coordinator of Information Services, Marlin Independent School District.

The Vexira Antivirus product range provides a near perfect blend of protection and ease of use for schools. With many unique features specifically tailored for educational-based networks Vexira Antivirus gives Technology Coordinators and District Administrators powerful tools to combat viruses, spyware and other Internet-based malware.

Vexira Antivirus is a scalable, multi-platform Internet threat protection solution for any size network. Educational institutions use Vexira Antivirus to protect desktops, laptops, netbooks and file servers within computer labs or across entire campuses without hindering the students, faculty or administrators work.

"Vexira Antivirus is specifically built to protect high threat environments like school districts. It has extremely resilient and reliable protection capabilities that can be deployed silently throughout a network. With our dedicated Technical Support Specialists specifically trained in supporting large scale deployments Central Command is uniquely positioned to protect and support schools ahead of other vendors," said Keith Peer, CEO, Central Command, Inc.

For complete details, terms and conditions about the Vexira Safe@School Educational Discount Program visit www.centralcommand.com/edu email sales@centralcommand.com or call toll free +1 888-5-VEXIRA (839472)

About Central Command: Central Command, Inc., founded in 1990 is a privately held corporation that serves business, education, and health care organizations with antivirus, antispyware and Internet threat protection solutions, services, and information. The company services customers in over 100 countries and is headquartered in Medina, Ohio. Visit Central Command at www.centralcommand.com or call 1 888-5-VEXIRA (839472) for more information.

Central Command and Vexira are trademarks of Central Command, Inc. All other trademarks, trade names, and products referenced herein are property of their respective owners.

Post Comment:
Trackback URL: http://www.prweb.com/pingpr.php/U3VtbS1Mb3ZlLUNyYXMtSG9yci1aZXRhLVBpZ2ctWmVybw==

Bookmark -  Del.icio.us | Furl It | Technorati | Ask | MyWeb | Propeller | Live Bookmarks | Newsvine | TailRank | Reddit | Slashdot | Digg | Stumbleupon | Google Bookmarks | Sphere | Blink It | Spurl

Posted by at

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)