[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Mail]  [Sign-in]  [Setup]  [Help]  [Register] 

CBDC Digital Currencies: A Recipe for Global Slavery

The Counterrevolution Against the Constitution

Conservatives in Congress Pushing to Repeal Military Covid Vaccine Mandate via NDAA

Gov’t Criminally Ignoring Vax-injured Living in Hell on Earth

There’s No Natural ‘Carrying Capacity’ for the Human Population: An Essay Inspired by the Happy News that the Human Population Has Reached Eight Billion

Turkey Expects More Extraditions From Sweden for NATO Membership

As the Pentagon Fails Another Audit, Congress Wants to Spend Even More on "Defense"

Danger Zone: On Religion, America Is Becoming More Like China

World Court Must Rule on Climate Justice: UN "Youth" Delegate

California Reparations Task Force Proposes $223K Per Person for Black Residents

Renowned Cardiologist: mRNA Vaccines May be “Changing the Human Genome”

New York Forces Websites To Monitor 'Hateful' Speech. A New Lawsuit Says This Violates the First Amendment.

Congress inches toward year-end government funding deal

Russian Oil Price Cap, EU Sanctions Come Into Effect

Born on the Tenth of January

Word and Sacrament: The marks of the church

SCOTUS Appears Favorable to Web Developer in Lawsuit Against Colorado Anti-discrimination Law

Semiconductor Manufacturers Don't Need More Subsidies. They Need Less Government.

Supreme Court Debates Whether Web Designers Can Be Forced To Make Gay Wedding Pages

NATO Exists To Solve The Problems Created By NATO's Existence

Life insurance companies sound DEATH ALERT warnings over nearly 100,000 excess deaths per month happening right now in the USA

Iran Says It Won’t Resume Nuclear Deal Talks ‘Under Pressure’

US Army Plans ‘Dramatic’ Increase in Ammunition Production as Ukraine Aid Drains Stockpiles

WSJ: US Secretly Limited Range of Weapons Sent to Ukraine

Imagining a Revived, Twenty-First Century Capitalism

Ukraine war: Fighting will be at 'reduced tempo for months' US intelligence experts say

Nigerian President Says Weapons From Ukraine are Winding Up in Africa

Ukraine Says Oil-Price Cap Won’t Dent Russia’s Ability to Fund War

Russia Rejects EU’s $60 Oil Price Cap

Macron Says Security Guarantees for Russia Needed for Future Peace Deal

Old Testament: Isaiah 7:10-17 (Advent 4: Series A)

Doing His Duty

Raytheon Gets $1.2 Billion Contract to Produce Air Defense System for Ukraine

Gospel: Matthew 1:18-25 (Advent 4: Series A)

NRA Files Lawsuit Against Oregon Gun-control Law

The Woman Who Spearheaded Prohibition's Repeal

How to replace the welfare state

Will Your State Reject the Fed’s Digital Dollar?

Rep. Adam Smith Says Calls for Ukraine Aid Oversight are ‘Russian Propaganda’

Epistle: Romans 1:1-7 (Advent 4: Series A)

Almost No One Noticed the Hate Speech Law That Just Took Effect — or the Lawsuit Against It

After a Crackdown on a Pain Clinic, a Tragic Double Suicide

11th Circuit Says a Judge Should Not Have Interfered With the FBI's Review of the Mar-a-Lago Documents

Police thought his cash was suspicious. So they took it. And won’t give it back.

REAL ID Requirement for Travelers Delayed Until May 2025

Lavrov Says Russia, China Stepping Up Military Cooperation in Response to NATO

A Tribute to the U.S. Marine Corps

Church Fathers on Christmas: St. Augustine

Russia Is the Last Remaining Christian Country

Zelensky’s Long History of Crushing Dissent

Status: Not Logged In; Sign In

See other Computers-Hacking Articles

Title: Google advertisements automatically redirected users to malicious sites
Source: [None]
URL Source: http://www.myce.com/news/google-adv ... sers-to-malicious-sites-74299/
Published: Jan 18, 2015
Author: Jan Willem Aldershoff
Post Date: 2015-01-18 14:41:32 by A K A Stone
Keywords: None
Views: 719
Comments: 1

The scam sites on which visitors landed offered weight loss, anti-aging and IQ enhancing products. The sites looked like legitimate blogs and magazines with all kinds of fake scientific research on the offered products, enhanced with fake recommendations of “customers”.

The issues with the malicious advertisements started around the middle of December and saw a large peak on Friday the 9th of January. On the Google Adsense Forum more than 180 complaints of angry webmasters were posted that day. Webmasters displaying Google Adsense advertisements noticed how their visitors were redirected by the malicious advertisements. Google resolved the issue a day later on January 10th.

According to security company Sucuri the attackers used two legitimate Adsense campaigns to which they likely gained access with stolen login data. The ads contained Javascript code which in its turn loaded the malicious code.

Researcher Denis Sinegubko from Sucuri wonders why Google allows advertisers to use potentially dangerous code. “I realize that Google wants to provide advertisers with some level of flexibility in managing their campaigns and use allows to use scripts off of their own sites. I also realize that the at the moment of the initial ad reviews those scripts didn’t do anything malicious and only began misbehaving after they had been approved. But anyway, there should be a better control over third-party scripts.”

Sinegubko also mentions that while nobody likes advertisers, they are indispensable for many websites.”I’m not telling you to remove all ads from your site”, he advises webmasters, “But I invite you to think about the security and reputation implications that bad ads may have for your site. Consider any third-party script that you place into your site code as a potential threat. Especially those that (like ad scripts) allow others (who you don’t even know) to place content (banners, widgets) on your site.”

Post Comment   Private Reply   Ignore Thread  

TopPage UpFull ThreadPage DownBottom/Latest

#1. To: A K A Stone (#0)

Google acts pretty quickly against scam advertisers, considering the huge volume of advertisers they have.

They also blacklist infested websites very quickly and will block you from visiting those sites until they get cleaned up. Usually, a corrupted website got hacked in some way and malicious Javascript got injected into every page. Google puts it on the blacklist to warn users about it before they can load a single page from that site, sends a notice to tell the webmaster to clean it up, and quickly pulls down the blacklist as soon as it is fixed. The webmaster can fix his site and quickly resubmit it to Google so they can remove the blacklisting.

Google's whitelist/blacklist is actually a valuable anti-hacking resource for users. It's a Good Thing.

Tooconservative  posted on  2015-01-19   11:25:25 ET  Reply   Trace   Private Reply  

TopPage UpFull ThreadPage DownBottom/Latest

[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Mail]  [Sign-in]  [Setup]  [Help]  [Register] 

Please report web page problems, questions and comments to webmaster@libertysflame.com