Microsoft Lawsuit Shows Malicious Advertising a Growing Issue
Microsoft is suing five online entities and the individuals behind them for spreading "malvertising," or online advertising that delivers malware. As demonstrated by a September attack on The New York Times Website, malicious online advertising represents a persistent and increasingly high-profile problem for businesses and consumers.Microsoft announced on Sept. 18 that it has filed lawsuits against five entities that it claims have been spreading "malvertising," or online advertising used to port malware onto end users' machines. Microsoft is asking the court to shut down those entities, saying that they used Microsoft's AdManager service, which lets Website owners manage their own advertising inventory, to launch their attacks. The lawsuits are just the latest leveled by Microsoft against spreaders of malicious code. Earlier in the summer, Microsoft's Internet Safety Enforcement Team filed a civil lawsuit in the U.S. District Court for Western Washington against what they described as a massive click-fraud scheme. In that case, the accused individuals had developed click-fraud attacks against online advertisements for auto insurance and World of Warcraft.
In 2009, Microsoft also targeted legal action against a party, Funmobile, which it accused of "spimming," or spreading links to possibly malicious software through instant messaging. Hong Kong-based Funmobile had apparently been sending instant messages to thousands of Windows Live Messenger users since March 2009.
The Sept. 18 filings represent yet another front in the battle.
"Our filings in King County Superior Court in Seattle outline how we believe the defendants operated," Tim Cranton, Microsoft's associate general counsel, wrote in an official Microsoft blog posting on Sept. 1. "In general, malvertising works by camouflaging malicious code as harmless online advertisements. These ads then lead to harmful or deceptive content."
- "Make sure you're using legitimate and up-to-date antivirus, firewall and anti-malware/spyware tools."
- "Be extra cautious about offers to secure or scan your computer with security software or programs you don't recognize."
- "Don't give out personal information or credit card information unless you know the site is secure."