eWeek hit with malicious DoubleClick ads

Analysis
Feb 27, 20092 mins

The Register reports that Google’s DoubleClick ad network this week distributed malicious banner ads via the eWeek homepage. eWeek quickly cleaned the ads off its site, and Google says it has discovered “a few instances” of the malware ads in the DoubleClick network and is in the process of removing them. But the incident proves just how vulnerable DoubleClick is to these attacks and how important it is for Google/DoubleClick to come up with a more bulletproof way of preventing future breaches–or risk losing even more ad clicks as users learn to be wary of even the mosted trusted sites.

Earlier this week, users visiting eWeek.com were presented with ads sporting invisible frames. When clicked, the ads redirected readers to attack websites that forced them to download and install malicious programs, including fictitious antivirus wares looking to extort payment.

The eWeek attack was just one in a string of similar exploits via DoubleClick. And it probably won’t be the last. As the Register states:

Catching the tainted banners has been challenging for DoubleClick and its competitors because the perpetrators often go to great lengths to conceal their activities. Miscreants often set up fictitious advertising agencies that appear to be legitimate. They also have the ability to turn the attacks on and off at the drop of a dime to evade sensors seeking out the malicious ads.

But difficult as it may be, thwarting such attacks needs to be a top priority for Google/DoubleClick, especially in this economy. Most redirect-type attacks rely on unwitting users clicking on clearly suspicious, untrusted links (re: the ViddyHo Gmail scam). But attacks like that on eWeek are different. They occur while users are visiting trusted sites–sites where they hardly expect to encounter malicious banner ad attacks. With the market for online advertising expected to contract to below post dot-com levels, Google/DoubleClick needs to get a plan in place to thwart these incidents–and fast.

* * *

Like this post? Visit the Google Subnet home page for more news, blogs and podcasts.

More blog posts from Google Subnet:

  • Google throws cold water on Atlantis ‘find’

  • Gears an enticing target for hackers

  • Google succeeds Microsoft as monopolist du jour

  • HTC/Google: Focused on design or keeping Apple happy?

  • Quiz: Are you a Google expert?

Sign up for the weekly Google newsletter. (Click on News/Google News Alert.)