Think malware goes away? Trust but verify...
Posted by Jason Remillard on Mon, Mar 08, 2010 @ 08:07 AM
Much like Mr. Reagan, we nned to trust but verify.
Very interestingly enough, in the past five or six days we have been detecting ad networks including Google Adsense, Adultadwords, and Adbrite allowing malware-laden ads on their networks. We are not the only ones who have identified this issue, check out the following links for more information about them:
Google Adsense distributes malware - Google blocks own publisher!
AdultAdWorld (AAW) -distributes malware - doesn't answer the phone
This highlights a major issue that we have been discussing for a long time with all of our customers -- that is, the need for ongoing Malware detection scanning. Your site might be nailed down. Your site might be clean from SQL injection, Apache flaws, cross site scripting, and the myriads of other issues associated with open source and custom developed software. However if you run any sort of ad network, widgets, or anything else that inserts code from other sites you are running a major risk.
In these cases you are a very simple publisher. You trust your ad network since they are your partner. And now those lovely people are inserting Malware into your site.
Looking further, although humorous but serious, Adsense itself inserted malicious ad code into a customer's website -- and then proceeded to ban them and slapped the nasty Malware alert window on this board buggers website.
Now, how are going to react in this sort of scenario? I'd be interested in your comments, however at the end of the day you have to trust somebody and I like trusting by a verification -- and in this case we use several third parties for our validation services since I don't trust anyone on its own.
That is our commitment to you as a client of sitesecuritymonitor.com. We bring the best of breed to you, from a solution perspective, from a resource perspective, from a research perspective.
Again, I am interested in any comments regarding this subject -- it is very unfortunate that the Malware purveyors have chosen to attack this vector to distribute their wares, but did you really expect them to stop? We certainly didn't.
Is Google Adsense a Trojan horse itself?