More info on malware-scan.com ads on newspaper Web sites

[<rms () computerbytesman com>]

Holy sh**.



Richard





http://www.azstarnet.com/business/209714

Maliciously coded online ad caused Star's Web site problems

By Jack Gillum

ARIZONA DAILY STAR

Tucson, Arizona | Published: 11.03.2007

advertisement

http://gcirm.tucson.gcion.com/RealMedia/.ads/adstream_lx.ads/news.azstarnet.
com/stories/business/960046763/300x250_1/OasDefault/ExpressJet4/sn_hp.txt/34
636364326666363437333634303230?_RM_EMPTY_

A maliciously coded online advertisement was responsible for causing
problems for Tucson Newspapers' Web sites this week, the company said
Friday.



The ads, which the company said were purchased with a fraudulent credit-card
number, directed some Web visitors to sites that could have installed
harmful software, or "malware."



The problem was reported Wednesday by the Pima County Department of
Environmental Quality, which advised its employees not to visit the Arizona
Daily Star Web site over computer-safety concerns. When their employees
visited the Star's site, anti-virus software alerted them of trouble.



The fraudulent ad purchase was discovered Wednesday and the ad was removed
Thursday, said Susan Hardin, director of online for Tucson Newspapers, which
is jointly owned by the Arizona Daily Star and Tucson Citizen newspapers.



Hardin said the ads in question were bought by a company called ForceUp,
which could not be reached for comment because a phone number for the
company at an Idaho area code was disconnected, and an e-mail contact form
was inaccessible.



Affected users were redirected to a different site and then presented with
fake virus-scanning software that was itself malicious software.



Hardin recommends that users block access to malwarealarm.com,
newbieadguide.com, and malware-scan.com, and delete infected files from a
computer's PC and Windows registry.



Tucson Newspapers previously said that some video advertisements may have
been the problem. But as of Friday, the company narrowed down the problem to
the suspect ads, which Hardin said were up in the morning hours for the last
10 to 18 days.



"This hasn't happened before, and our people reacted very quickly," said
Tucson Newspapers President and CEO Mike Jameson. "We'll just have to be
more vigilant in the future about these things."



The ad, Tucson Newspapers said, circulated to other newspaper sites across
the country.



● Contact reporter Jack Gillum at 573-4178 or at jgillum () azstarnet com.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.