Flash Ads Serving up Malware on Popular Sites

  • By Dian Schaffhauser
  • 02/07/08
Malicious Flash banner ads have been surfacing on major web sites including Expedia.com, Rhapsody.com, and MayoClinic.com in the last month, according to media reports. Users who click on the banners, which advertise a digital music service, a student dating service, and disk cleaning software, are redirected to Web sites that proceed to install malware on their PCs.

Sandi Hardmeier, who writes "Spyware Sucks," first reported the rogue ads in a blog entry Jan. 28, referencing a well known malicious domain hosting site, securehost.com. The trail was next picked up by Trend Micro, which reported that the banners had to have made their way into the advertising supply chain by ad networks.

RealNetworks, which produces Rhapsody.com, first learned of the ads  Jan. 20 and removed them four days later. The company declined to identify what supplier was feeding the ads.

In a post Feb. 5, Hardmeier adamantly stated that browsers are not responsible for the hijackings. She blamed Adobe and Macromedia, the owners and creators of Flash, for not implementing security measures such as the ability for users to turn off redirects in the product. "Flash has turned into the Typhoid Mary of the Internet," she wrote.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • person signing a bill at a desk with a faint glow around the document. A tablet and laptop are subtly visible in the background, with soft colors and minimal digital elements

    California Governor Signs AI Content Safeguards into Law

    California Governor Gavin Newsom has officially signed off on a series of landmark artificial intelligence bills, signaling the state’s latest efforts to regulate the burgeoning technology, particularly in response to the misuse of sexually explicit deepfakes. The legislation is aimed at mitigating the risks posed by AI-generated content, as concerns grow over the technology's potential to manipulate images, videos, and voices in ways that could cause significant harm.

  • close-up illustration of a hand signing a legislative document

    California Passes AI Safety Legislation, Awaits Governor's Signature

    California lawmakers have overwhelmingly approved a bill that would impose new restrictions on AI technologies, potentially setting a national precedent for regulating the rapidly evolving field. The legislation, known as S.B. 1047, now heads to Governor Gavin Newsom's desk. He has until the end of September to decide whether to sign it into law.

  • illustration of a VPN network with interconnected nodes and lines forming a minimalist network structure

    Report: Increasing Number of Vulnerabilities in OpenVPN

    OpenVPN, a popular open source virtual private network (VPN) system integrated into millions of routers, firmware, PCs, mobile devices and other smart devices, is leaving users open to a growing list of threats, according to a new report from Microsoft.

  • interconnected cubes and circles arranged in a grid-like structure

    Hugging Face Gradio 5 Offers AI-Powered App Creation and Enhanced Security

    Hugging Face has released version 5 of its Gradio open source platform for building machine learning (ML) applications. The update introduces a suite of features focused on expanding access to AI, including a novel AI-powered app creation tool, enhanced web development capabilities, and bolstered security measures.