Malicious banner adverts .. they haven't gone away
Good morning everybody.
Thing have been quiet on this blog with regards to malicious Flash advertisements, but that doesn't mean that nothing has been happening - on the contrary - there has been a lot going on behind the scenes.
Good news is that the malicious SWF implicated in the soccernet outbreak (content owned by adtech.de and distributed by Akamai in the soccernet incident) is no longer being distributed, although it is still accessible via direct URL - I class that as kind of a half win - I'd much prefer the SWF to be moved completely out of public view.
It is interesting to contrast the steps that Akamai and adtech.de have taken by simply stopping distribution with the steps that Sensis took when they were hit - not only did they immediately stop distribution of the advertisement, they also made sure it could no longer be accessed online.
Now, to keep things interesting, Mike Burgess (another MVP) has been focusing on a USA based network that is hosting actual malicious files and trying to get the network to stop distributing winfixer type applications.
Mike Burgess has comprehensive information about the malware being hosted by LimeLight, and his efforts to get the company to take down the content, to no avail:
Limelight Networks serving up Malware (December 5):
LimeLight Networks and connecting the dots (December 7)
More malware found at Limelight Networks (December 16)
Limelight distributes hundreds of Rogue Antispyware products
So, for the time being, our focus should be campaigning to get LimeLight to stop distributing malware. Of course, I continue to be on the lookout for malicious advertisements as well.
Mike's comment that LimeLight's "partners" may not appreciate being associated with malware, and that they should perhaps be made aware of Mike's discoveries, is a very interesting one. All's fair in love and fighting malware.
Mike's blog is well worth subscribing to. He's as passionate about stopping the distribution of malware online as I am, and he has a lot of information about things such as fake video codecs and what not.