Minnesota’s Star Tribune newspaper can add its name to the list of organizations to be hit by a malicious Web advertisement.
The ad, which came from a third-party advertising network, sought to rope victims into downloading rogue anti-virus. According to the Star Trib, the culprit was an unauthorized Web advertisement that was “slipped into the mix of electronically routed ads that appear on the website.”
Such ads, known as malvertisements, are nothing new. Online readers of the New York Times may remember an incident in September when a similar rogue anti-virus scam was detected on that paper’s Web site as well. eWEEK itself in fact was hit with the problem in 2009. That time, the malware authors tried to launch an attack using an old vulnerability in Adobe Reader and Acrobat.
As for the Star Trib site, the paper has given the all clear for users to surf the site. Graham Cluley, senior technology consultant at Sophos, advised any computer users who think they were affected to ensure their (legitimate) anti-virus program is up-to-date, and that their browsers and other software are properly patched.