ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > Living Room

Yahoo Primary Source of Malware and Doesn’t Care

(1/1)

app103:
You usually expect to catch an infection of malware from some shady unknown website that you shouldn’t have clicked on, but a study done by Avast! has uncovered something disturbing. Popular advertising networks are now being infiltrated by malware and you don’t even have to do anything special to get infected. You don’t even have to click on anything. According to CNet:
    Found in ads delivered from those networks was JavaScript code that Avast dubbed “JS:Prontexi,” which Avast researcher Jiri Sejtko said is a Trojan in script form that targets the Windows operating system. It looks for vulnerabilities in Adobe Reader and Acrobat, Java, QuickTime, and Flash and launches fake antivirus warnings, Sejtko said.

    Users don’t need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser, Avast said
--- End quote ---

Where will you find these infected ads? On some of the most popular websites like TechCrunch, The New York Times, The Drudge Report, and Whitepages.com. How could such well-known websites get infected with malware? It seems crazy to think about. They’ve got to be screening their websites and code thoroughly, right?
--- End quote ---


http://www.blackweb20.com/2010/03/23/yahoo-primary-source-of-malware/

Deozaan:
I find this very interesting, especially considering that Ubuntu has chosen to make Yahoo! the default search engine/home page for Firefox in the upcoming 10.04 Lucid Lynx release next month.

Though I suppose Ubuntu doesn't have to worry about viruses that are targeting Windows systems.

app103:
Though I suppose Ubuntu doesn't have to worry about viruses that are targeting Windows systems.
-Deozaan (March 24, 2010, 07:38 AM)
--- End quote ---

Flash and Java do exist for Ubuntu, also. And while the malware might be currently exploiting issues in those apps to target Windows now, there is still the possibility of targeting issues in those for any OS they run on, if the same exploitable issues affect other OS's as well.

Navigation

[0] Message Index

Go to full version