Microsoft sues over malicious online ads

[javajolt]

Aiming to crack down on a growing problem, Microsoft said it filed five lawsuits Thursday against parties it suspects of posting online advertisements laden with malicious code.

Microsoft has tried to work with ad networks to thwart such "malvertising" in the past, but this is the first time it has gone to court.

"Our filings in King County Superior Court in Seattle outline how we believe the defendants operated, but in general, malvertising works by camouflaging malicious code as harmless online advertisements," Microsoft Associate General Counsel Tim Cranton said in a blog posting.

In each case, Microsoft is suing the unknown parties responsible for the ads.

"Although we don't yet know the names of the specific individuals behind these acts, we are filing these cases to help uncover the people responsible and prevent them from continuing their exploits," Cranton said.

In the past week, The New York Times' Web site was hit with a rogue advertisement that told readers that their computer may be infected with a virus and redirected them to a site that purports to offer antivirus software.

"Scareware is often distributed among criminals, which therefore results in many of the animations a user may see utilizing a common design and interface," a Microsoft told CNET News. "However, without additional information and specific details about the attacks, we cannot be certain that any of today's filings directly relate to the attacks on The New York Times' Web site."

Microsoft likened the latest lawsuits to prior legal action that it has taken against those suspected of click fraud or instant messaging spam.

"This work is vitally important because online advertising helps keep the Internet up and running," Cranton said. "It's the fuel that drives search technologies. It pays for free online services like Windows Live, Facebook, Yahoo, and MSN. Fraud and malicious abuse of online ad platforms are therefore a serious threat to the industry and for all consumers and businesses that rely on these free services."

source:cnet

[javajolt]

Microsoft filed lawsuits against five companies Thursday, accusing them of using malicious advertisements to trick victims into installing software on their computers.

The company is suing DirectAd Solutions, Soft Solutions, qiweroqw.com, ote2008.info and ITmeter, saying that these companies have used ads to "distribute malicious software or present deceptive websites that peddled scareware to unsuspecting Internet users," according to a blog posting by Tim Cranton, associate general counsel with Microsoft.

Scareware is malicious or ineffective software. It's so named because buyers are usually scared into buying it with fake messages that tell them that their computer has been infected. These products have been around for years, but in the past few months they've become a major problem. Over the weekend, The New York Times was tricked into running a scareware ad on its site by scammers pretending to be with Vonage, a legitimate telecommunications company.

But scareware ads are popping up everywhere these days, security experts say. "These guys have decided to go full-court press on this, because it's obviously very profitable," said Paul Ferguson, a researcher with antivirus vendor Trend Micro.

Typically, when a scareware ad pops up on a victim's screen, it looks like a Windows utility running some kind of security scan. It will then warn that it has found a critical security problem and direct the victim to a Web site where they can buy a product to fix the issue.

When the victim pays, the scammers then deliver useless or even malicious software. Often, they also use the victim's credit card number for further fraud or try to hack into the machine.

In addition to pushing malicious ads, these scammers have also been poisoning Google search results lately. To do this, they keep track of hot search topics and then use search engine optimization techniques -- using software to create a bunch of links to their malicious pages -- so that their pages come up first in search results. When the victim clicks on the fake search result, they're taken to a Web site that pops up the fake scareware system scan.

Recently, they've hijacked search results relating to South Carolina Congressman Joe Wilson, the U.S. Open tennis tournament and actor Patrick Swayze.

Sometimes they are very localized, too. "When Seattle was having a heatwave this past summer they hijacked search results for Seattle weather," said Katherine Tassi, assistant attorney general with the Washington State Attorney General's Office. Her office sued a Texas company for allegedly supplying rogue antivirus software back in September 2008. That company has since gone out of business, she said.

Today most scareware sellers operate outside the U.S., making it hard to stop them, Tassi said. "Certainly on a state level, it's become virtually impossible."

"They're multimillion-dollar enterprises, they're criminal in nature, and they span multiple continents," she said.

Microsoft's lawsuits are so-called John Doe suits, meaning the company does not know who is behind these companies but hopes to discover the perpetrators as it continues to investigate.

Nevertheless, Cranton wrote that Microsoft hopes that the "filings will help deter malvertising in the future."

source:computerworld

[javajolt]

Microsoft's hoping to find the people who've disguised malware as advertising and hold them accountable. The software company announced it's filing five civil lawsuits against businesses that have taken up ads designed to transmit viruses and other harmful material. The catch, however, is that no one actually knows where those businesses are -- or who's behind them.

Microsoft's Malicious Ad Lawsuits

Microsoft's lawsuits, announced in a blog posted by Associate General Counsel Tim Cranton this week, target businesses with vague names like "Soft Solutions" and "ote2008.info." The businesses, Microsoft says, used popular online ad platforms to hide malicious code and try to infect unsuspecting users -- a process sometimes described as "malvertising." If a user follows a link presented in the ad, he could end up with damaged data or stolen information, or even find his PC under someone else's control.

"This work is vitally important because online advertising helps keep the Internet up and running," Cranton says. "Fraud and malicious abuse of online ad platforms are therefore a serious threat to the industry and for all consumers and businesses."

Just this week, a malicious ad made its way onto The New York Times' Web site. Readers were greeted by pop-up boxes claiming they had a virus and should go download specialized software to fix it. Following the link may have resulted in an actual virus being transmitted.

The 'Malvertising' Fight

The malicious-ad market is considered a multibillion dollar business. So far, though, the fight against it has proven to be difficult. Microsoft sued a Texas company over ad-based malware last year, but the problem is widespread enough that lawsuits seem to do little in the way of curbing it. In the new case, Microsoft isn't even sure exactly whom it's going after.

"Although we don't yet know the names of the specific individuals behind these acts, we are filing these cases to help uncover the people responsible and prevent them from continuing their exploits," Cranton explains.

General caution is the best way to keep yourself protected: Don't click onto Web-based pop-up boxes, even if they display alarming messages about your computer; make sure your own virus protection software is in place and up-to-date; and never give out your personal information while surfing the Web, unless you know exactly where it's going.