RightMedia implicated again in Trojan attack

Brian Krebs posted an article “Banner Ad Trojan Served on MySpace, Photobucket“, although this is not the first time RightMedia (now owned by Yahoo) has been discovered serving up malicious code via their servers. I blogged about this previously, as has Sandi Hardmeier reportsRight Media was implicated in the distribution of winfixer malware“.


Brian goes on to report “The banner ads in question were traced back to an ad network exchange run by a company called RightMedia, which was recently bought by Yahoo!. The ads were being delivered to RightMedia’s network from a third-party ad server. According to ScanSafe, those third-party servers included in their rotation several malicious ads that used Macromedia Flash files to load an invisible “iFrame” (used to insert content from another Web site into the current Web page).”


Folks I have mentioned several times before to disable this option in Internet Explorer:
Launching programs and files in a IFrame = reset to Disable …
This is the single most exploited setting in Internet Explorer!
There are no legitimate sites that I know of that use this option …


This next statement really baffles me …


A RightMedia spokesperson said the ads have been identified and banned from the exchange. “However, we cannot control what happens elsewhere on the Net.”


Well if you can not control what runs thru your server … who does? duh! Their spokesperson seems rather flippant about the whole situation. I suspect anyone that was infected by this latest attack would expect a better response from RightMedia/Yahoo. Even worse there is no mention of this on their site or blog


Not to worry folks as RightMedia and their many clones are already included in the HOSTS file … just another example of advertisers that can not be trusted.



Leave a Reply