Researchers report having created proof-of-concept adware that takes advantage of wireless connections to spread ads. This means potential security problems at Internet cafes and in other public places.
Researchers from the University of
Calgary, in Alberta,
developed proof-of-concept implementations of a scheme that exploits
unencrypted wireless connections to blast PCs with ads.
In a paper March 9, the researchers described how the adware-dubbed Typhoid
laptops to communicate with it as opposed to a legitimate access point. Next,
the adware inserts its advertisements in videos and Web pages on other
The computers it targets do not see the adware, because it is not installed on
their machines. Likewise, the user whose computer is infected with the
adware does not see any ads, so the user may not know the machine has been
compromised. The researchers named the threat after Typhoid Mary, who
unknowingly infected people with typhoid fever.
"Typhoid adware is designed for public places where people bring their
laptops," Associate Professor John Aycock, co-author of the paper, said in
a statement May 21. "It's far more covert, displaying advertisements on
computers that don't have the adware installed, not the ones that do."
According to the authors, Typhoid adware can be implemented using techniques
such as ARP (Address Resolution Protocol) spooﬁng and proxies, and was
successfully demonstrated in both wired and wireless networks modifying a
variety of content that included streaming video.
"Even in the most overhead-intensive case, streaming video, the victim
still receives the content in a reasonable time," the authors wrote in the
The researchers offered up "a number of defenses" against Typhoid,
including "protecting the content of videos to ensure that what users see
comes from the original source," the university statement said. Another
defense is to "tell laptops they are at an Internet cafe to make them more
suspicious of contact from other computers."
"When you go to an Internet cafe, you tell your computer you are there
and it can put up these defenses," Aycock said. "Antivirus companies
can do the same thing through software that stops your computer from being
misled and redirected to someone else."