Rogue Flash ads pushing malware

Sunbelt Blog posted an article entitled Rogue ads pushing malware – how it works. Here’s the video that shows what’s happening:

At Sunbelt Blog’s website, Alex Eckelberry continues to talk about the Flash .swf ads that are being used to push all this malicious content after throwing the user back and forth all over the web utilizing techniques that are big with Web2.0 interactive and mashed up content:

This is not a trivial problem, and the most important thing for publishers to do is to be extremely careful when accepting new advertisers (and be wary of tricks these people use, like giving fake references), and then keep a close eye on the advertising as it’s running (and hopefully some good tools can be developed for publishers to use to check the content of ads for malicious redirects before posting).

Must read for all Web Surfers.

Legitimate sites like the Major League Baseball site that had at one time recently been unknowingly spewing this type of bad content which was infecting visitors’ computers (see the article) were just trying to keep their visitors/users interested using innovative Web 2.0 features — bringing in and displaying, aka Mashup (web application hybrid) content such as articles, news, videos, ads and more from various sources on the Internet. In the process, something occasionally happens on these legitimate sites. Bad things are being injected.

Thanks for the heads up Alex!

Beware: Facebook Widget installs Zango

Beware: Facebook Widget installs Zango:

Fortinet Global Security Research Team discovered a malicious Facebook Widget (officially, a “Platform Application”) actively spreading on the social networking site which ultimately prompts users to install the infamous “Zango” adware/spyware.

Antivirus/Anti-Malware programs block the installation and state it’s Zango as shown later in the article at Fortinet’s FortiGuard Center report.

Thanks to TeMerc @ Scot’s Newsletter Forums and Sunbelt Blog.