


ITN removes dodgy web ads
 Posted by SecExtra on February 21st, 2008

Sophos is not only an antivirus company these days. They tend to write half of the good security stories that you see published on the web.

And in all fairness, they’re bloody good at keeping track of what’s going on.

Of course they put their spin on it, but they’re usually the people who inform the security journalists of what’s going on.

So you usually get something like this in your inbox, but then if you work on an old-school publication, you have to re-write it and pretend you reported on it.

Well we didn’t.

Sophos - it’s all yours:

“IT security and control firm Sophos is advising firms to secure their users’ web activity following the discovery of a poisoned web advert campaign on ITV.com.

The campaign was designed to deliver ‘scareware’ - malicious code which appears to be a legitimate computer security warning - to Windows and Mac users. A posting on the website of The Radio Times, Britain’s leading TV listing magazine, confirms that a similar offending advert was removed from its site yesterday.

Experts at SophosLabs, Sophos’s global network of virus, spyware and spam analysis centres, discovered that ads, which were provided to ITV.com by a third party agency, contained a Macromedia Flash file, detected as Troj/Gida-B. These adverts were designed to dupe visitors into downloading a program called Cleanator (on Windows) or MacSweeper (on Apple Macs). Both programs claim to detect “compromising files” on your computer, but in reality install malicious Trojan horses.

“TV viewers are accustomed to adverts getting in the way of what they want to watch - they’re probably not as used to adverts on their favourite TV websites delivering unwanted code straight to their desktops. Worryingly, it’s quite likely that it is not just these websites that are affected - other websites could also be carrying poisoned adverts,” said Graham Cluley, senior technology consultant at Sophos. “Our own research has found that 83 percent of infected webpages are hosted on completely legitimate websites. The challenge for companies is how to stop employees becoming infected when they’re innocently surfing the web. The key is to scan for malicious code on every website - just like they scan every email.”

Last month Sophos published its annual Security Threat Report, which detailed how criminals are increasingly using the web to generate revenue and spread malware. Sophos detects 6000 new infected webpages every day (one every 14 seconds) - and there are increasing sightings of online adverts being poisoned to direct browsers to dangerous sites.

“Websites often use third parties to serve up their advertising. Website owners should ask these agencies about the procedures they have in place to vet and ensure the adverts they deliver don’t include malicious content or unsavoury links,” continued Cluley. “After all, it is the website that is going to receive the angry complaints from their legions of users.”

Sophos continues to recommend companies protect their desktops, gateways and servers with automatically updated protection against viruses, spyware, hackers, and spam.



This entry was posted on Thursday, February 21st, 2008 at 9:53 am and is filed under Virus and Spyware.