Microsoft announced Thursday that it has filed five civil lawsuits in U.S. District Court in Seattle against alleged purveyors of malicious advertisements.
The actions contend that the defendants pushed malware that was disguised as legitimate advertisements over the software giant’s AdCenter network.
When viewed or clicked, the ads — which typically appear on trusted websites — lead users to sites that claim the user’s computer is infected and, to resolve the issue, he or she should buy an anti-virus product, which turns out to be fake, Microsoft attorneys said. In other instances, the ads try to install trojans onto the victim’s PC.
In a post Thursday on a Microsoft blog, Tim Cranton, associate general counsel, said the company is unsure exactly who is behind the attacks. The lawsuits were filed against businesses using names such as “Direct Ad,” “Soft Solutions” and “ITmeter Inc.” None of the defendants could be reached for comment.
“Although we don’t yet know the names of the specific individuals behind these acts, we are filing these cases to help uncover the people responsible and prevent them from continuing their exploits,” Cranton said. “Microsoft works vigilantly, using both technology and the law, to fight illegal activity that undermines people’s trust in the internet and online services.”
Maxim Weinstein, who leads the StopBadware.org project at the Berkman Center for Internet and Society at Harvard University, told SCMagazineUS.com on Friday that hackers typically conduct these attacks by creating an ad that looks like a legitimate one and then embedding malware in it.
“What happens is somewhere down the chain, one of the ad networks misses the fact that one of their customers either unintentionally or intentionally — and it’s often intentionally — has submitted an ad that has malicious content,” he said. “That sort of gets rolled up the chain and put into circulation on one of the major networks.”
He said the number of incidents of this so-called “malvertising” appears to be dropping, however, as ad networks become more aware of the need to thoroughly screen ads for bad content. Hackers instead mostly are opting to exploit vulnerabilities on legitimate sites to serve malware to users whose client-side software is not fully patched, Weinstein said.
That does not mean malicious ads have gone away. During the weekend, the website for The New York Times was hosting ads pushing fake anti-virus that were disguised as legitimate Vonage ads.