There are reports of a malvertizement incident using a “Curves” malvertizement. Note the watermark on the advertisement (which was being served via a domain that is attempting to spoof mediaplex: adfarm.mediaplex.com.rulash.com/banners/load.php?id=215411729). I am sure that watermark belongs to Kimberley of Bluetack, which means that the miscreants have simply stolen a screenshot of an old […]
Visually the advert is identical to the one that was hijacking Facebook visitors using Farm Town, and again the malvert is hitting justimpression.com. This time, though, the campaign does not seem to be targeting Australians. If we look at the SWF itself we see:
I’m still keeping an eye on the Farm Town forums, now that they’ve caught my eye because of the malvertizing incident and the amazing 30+ page complaint thread on their forums (all of the old posts were deleted from that thread on or close to the 20th of April, btw). Anyway, the complaint seen in […]
Again, a Facebook application is affected, but this time it is users in the United States (and perhaps elsewhere) who are being targeted. The App owner, cubics.com and Facebook have all been notified of the incident and given the necessary evidence. The advertisement displayed when I test the social.bidsystem.com URL changes all the time. That […]
I posted this to Farm Town here: This response was posted, just 14 minutes later – note that my post was edited not once (by “candlelight”), but twice – once to disable the links (which I don’t have a problem with) and then again over 12 hours later (by “Heddryin”?) to remove the links […]
I received an email from adknowledge.com 50 minutes ago to advise that they have identified and taken down the malicious advertisement. There is, of course, much that needs to be addressed. How did the advert get in in the first place? If Farm Town were approached and accepted the advert, who gave it to them? […]
Oh boy… Conrad took a look at the traffic hitting justimpression.com http://blog.dynamoo.com/2010/04/farmtown-impressionclubcom-and.html One thing I will point out is that those stats are for people visiting justimpression.com who are based in the United States. It seems that the Farm Town malvertizement on Facebook is geotargetted and hitting UK and Australian players. Alexa reports that […]
Graham Cluney writes: http://www.sophos.com/blogs/gc/g/2010/04/12/farm-town-virus-warning-malvertising-work/ And there is a *big* thread on the Farm Town forums: http://slashkey.com/forum/showthread.php?s=0ac5ce13b15397a9577dee639cf9e205&t=204626 I’m going to join that forum and post to that thread. And here’s a screenshot of the malvertisement in situ:
IMPORTANT NOTE: THE APPLICATION AFFECTED IS FARM TOWN, NOT FARMVILLE. THE ORIGINAL ARTICLE HAD ‘FARMVILLE’ IN THE TITLE – THAT WAS QUICKLY AMENDED BUT SOME RSS FEEDS MAY HAVE PICKED UP THE ORIGINAL TITLE. Google Chrome’s protections stopped the bad advert from working by rejecting the content from justimpression.com – Internet Explorer’s various protections did […]
Seen when a computer was used to access the FarmTown game on Facebook.