Malware Found In Ads Served By DoubleClick

Online security company Armorize has found malware in ads served by Google's DoubleClick ad serving platform, Wired reported.

"The malware infects users who visit a page where an infected banner ad is displayed. It's installed as a drive-by download, meaning that users don't have to click on the ad to be infected, they just have to visit a website when the ad appears on the page."

"The malicious advertisement, for gift cards, originates from a bogus advertising agency called AdShufffle, with three f's in the name. The name appears to be playing off legitimate advertiser AdShuffle. The malicious ad has appeared on sites for Runnersworld.com and OrganicGardening.com, among other sites that are still being determined. Runnersworld.com and OrganicGardening.com are published by the Emmaus, Pennsylvania-based Rodale Inc. A company spokeswoman said the ads have been taken down," Wired noted.

Wayne Huang, CTO of Armorize, noted that it looked like the attackers simply copied a legitimate banner ad and then used JavaScript to exploit browsers through any of three vulnerabilities. If the visitor's browser has one of them, a piece of software called "hdd plus" is installed on their computer without their knowledge. The code also tried to force the browser to open a PDF in order to infect the user through an Adobe exploit.

Armorize said it reported the vulnerability to Google on Dec. 4.

"We can confirm that the DoubleClick Ad Exchange, which has automatic malware filters, independently detected several creatives containing malware, and blocked them instantly - within seconds," a Google spokesman wrote in an e-mail to Wired. "Our security team is in touch with Armorize to help investigate and help remove any affected creatives from any other ad platforms."

Problems with malware in ads distributed by DoubleClick have occurred in the past, and Google said it had built a filter to address the situation - guess this is a new one.

About the author

Frank Watson has been involved with the Web since it started. For the past five years, he headed SEM for FXCM -- at one time one of the top 25 spenders with AdWords. He has worked with most of the major analytics companies and pioneered the ability to tie online marketing with offline conversion.

He has now started his own marketing agency, Kangamurra Media. This new venture will keep him busy when he is not editing the Search Engine Watch forums, blogging at a number of authoritative sites, and developing some interesting online community sites.

He was one of the first 100 AdWords Professionals, a Yahoo and Overture Ambassador, and a member or mod of many of the industry forums. He is also on the Click Quality Council and has worked hard to diminish click fraud.