Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

National Geographic: a quick update

November 26th 2007 in Uncategorized

Alex Eckelberry of Sunbelt has been in touch with me to advise that he has contacted AdOn Network about the malicious SWF that we have been studying on this blog over the past day or so – something I am ashamed to admit I had not done yet.


AdOn advise that they have removed the advertiser, and all staff have been instructed to no longer accept the advertisement within their network.  AdOn advised that they manually review all advertisements before entering them on the network, and that the Tube advert was apparently ok at the time of submission.  They will be reviewing all accounts to remove “this type of ad” and hopefully prevent a recurrence.


So, US based visitors to the National Geographic site can rest a little easier.


Edit: 12.45pm GMT +0900, 27 November


I just checked and the SWF is still available at rmedia.adonnetwork.com/images/560766_90_728_200711011430_tubesnow_728x90.swf, and it is still malicious – redirecting people to the malware site.  It needs to be moved to a non-public area and/or deleted.


Comments are closed.

 HTTP capture of a visitor to the National Geographic website being hijacked and redirected to scanner2.malware-scan.com.  As we know, we’ve traced the guilty advertisement as far back as 66.179.234.173/images/1847_560766_7006263_90_728.html
 

Previous Entry

You start sounding the alarm, that’s what you do.  I urge you to read this link, and spread the word.
http://sunbeltblog.blogspot.com/2007/11/breaking-massive-amounts-of-malware.html
Take a close look at the URLs for the malware links; they are all random collections of letters and numbers, and they’re all Chinese domains.  Users of Google (and other web search engines) need to pay […]

Next Entry

Archives