Tag Archives: scareware

OpenX Promises Fix for Rogue Ads Bug

May 2, 2012

Hackers are actively exploiting a dangerous security vulnerability in OpenX — an online ad-serving solution for Web sites — to run booby-trapped ads that serve malware and browser exploits across countless Web sites that depend on the solution.

Security experts have been warning for months about mysterious attacks on OpenX installations in which the site owners discovered new rogue administrator accounts. That access allows miscreants to load tainted ads on sites that rely on the software. The bad ads usually try to foist malware on visitors, or frighten them into paying for bogus security software.

OpenX is only now just starting to acknowledge the attacks, as more users are coming forward with unanswered questions about the mysteriously added accounts.

Attempted Malvertising on KrebsOnSecurity.com

November 29, 2011

Members of an exclusive underground hacker forum recently sought to plant malware on KrebsOnSecurity.com, by paying to run tainted advertisements through the site’s advertising network — Federated Media. The attack was unsuccessful thanks to a variety of safeguards, but it highlights the challenges that many organizations face in combating the growing scourge of “malvertising.”

Software Pirate Cracks Cybercriminal Wares

October 17, 2011

Make enough contacts in the Internet security community and you will probably learn that many of the folks involved in defending computers and networks against criminals got started in security by engaging in online illegal activity of one sort or another. These personal shifts are sometimes motivated by ethical and personal safety reasons, but just as often grey- and black hat hackers gravitate toward the defensive side simply because it is more intellectually challenging.

Huge Decline in Fake AV Following Credit Card Processing Shakeup

August 4, 2011

On Wednesday I wrote that many of the top fake antivirus distribution programs had ceased operations, citing difficulty in processing credit card transactions from victims. Others are starting to take note of the trend: Security firm McAfee says it has witnessed a dramatic drop in the number of customers reporting scareware detections in recent weeks.

Rogue Antivirus Gangs Seize on McAfee Snafu

April 22, 2010

Purveyors of rogue anti-virus, a.k.a. “scareware,” often seize upon hot trending topics in their daily efforts to beef up the search engine rankings of their booby-trapped landing pages. So it’s perhaps no surprise that these scammers are capitalizing on search terms surrounding McAfee, which just yesterday shipped a faulty anti-virus update that caused serious problems for a large number of customers.