Malvertising – latest threat lures users to malicious sites

28 Feb 2011

Unsuspecting internet surfers are being fooled into clicking on seemingly above-board ads from recognisable brands only to end up on malicious websites that install malware on the users’ computers.

Websense Security Labs has discovered that the popular auto trading site and cinema site have both served ads that redirected the user to malicious websites.

In both cases, the malicious ads were tailored to respond to user activity with several masked redirects before installing a rogue anti-virus which disrupts the use and ordinary functionality of the computer.

Cyber criminals willing to pay for advertising

The websites themselves weren’t compromised but were serving ads from an ad provider called Unanimis that led browsing users seamlessly – in the background and without their knowledge – to exploit sites.

“Cyber criminals are willing to pay for advertising to propagate malware and popular websites are a good target as they are invariably ‘trusted’ and boast high traffic,” Elad Sharf, Websense Security Labs, explained in the company’s blog.

“We have been following the exploit domains in this malvertising campaign for quite awhile now. In addition to and, we’ve also received reports that and were also affected.

“One of the advantages that cyber criminals enjoy with malvertising campaigns is that they can be easily spread across a large number of legitimate websites without directly compromising those websites,” Sharf warned.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years