Wednesday, December 19, 2007

Google 'Powerless' to Stop AdSense Maliciousness


Liam Tung writes on ZDNet Australia:

Launched in 2005, Google AdSense allows third-party Web sites or publishers to generate revenue from Google's text advertisers.

AdSense acts as a middleman between an advertiser and a publisher. By crawling the content of publishers' Web pages, AdSense determines the relevance of a text ad to page content and then places the ad within the page if there is a match.

Trojan.Qhost.WU, discovered by security firm BitDefender, has been designed to replace ads served by Google on third-party Web sites that use Google's AdSense network. The ads are replaced with alternative ads called from hosts outside the AdSense network.

Although it has not been established whether the ads served -- or the pages that the ads link to -- contain malicious software, BitDefender virus analyst Attila-Mihaly Balazs said it is "a very likely situation, given that they are promoted using malware in the first place".

More here.

Note: This 2008 prediction prophecy is self-fulfilling, almost.

While Google Adsense is the preferred method of choice (it appears) at the moment for Bad Guys (tm), it would appear that other online advertising venues are just as susceptible to malicious use.

And it will get worse. -ferg

0 Comments:

Post a Comment

<< Home