Friday, September 18, 2009

Microsoft's 'Malvertising' Battle: A Tough Fight to Win



Microsoft's hoping to find the people who've disguised malware as advertising and hold them accountable. The software company announced it's filing five civil lawsuits against businesses that have taken up ads designed to transmit viruses and other harmful material. The catch, however, is that no one actually knows where those businesses are -- or who's behind them.

Microsoft's Malicious Ad Lawsuits

Microsoft's lawsuits, announced in a blog posted by Associate General Counsel Tim Cranton this week, target businesses with vague names like "Soft Solutions" and "ote2008.info." The businesses, Microsoft says, used popular online ad platforms to hide malicious code and try to infect unsuspecting users -- a process sometimes described as "malvertising." If a user follows a link presented in the ad, he could end up with damaged data or stolen information, or even find his PC under someone else's control.

"This work is vitally important because online advertising helps keep the Internet up and running," Cranton says. "Fraud and malicious abuse of online ad platforms are therefore a serious threat to the industry and for all consumers and businesses."

Just this week, a malicious ad made its way onto The New York Times' Web site. Readers were greeted by pop-up boxes claiming they had a virus and should go download specialized software to fix it. Following the link may have resulted in an actual virus being transmitted.

The 'Malvertising' Fight

The malicious-ad market is considered a multibillion dollar business. So far, though, the fight against it has proven to be difficult. Microsoft sued a Texas company over ad-based malware last year, but the problem is widespread enough that lawsuits seem to do little in the way of curbing it. In the new case, Microsoft isn't even sure exactly whom it's going after.

"Although we don't yet know the names of the specific individuals behind these acts, we are filing these cases to help uncover the people responsible and prevent them from continuing their exploits," Cranton explains.

General caution is the best way to keep yourself protected: Don't click onto Web-based pop-up boxes, even if they display alarming messages about your computer; make sure your own virus protection software is in place and up-to-date; and never give out your personal information while surfing the Web, unless you know exactly where it's going.

PC World

No comments:

Post a Comment