14 Dec 2010

DoubleClick ads feature hidden malware

An internet security company recently discovered that DoubleClick, an ad technology owned by Google, has been distributing malware, Wired reports. According to the researcher who discovered the attack, the service spreads malware through several websites.

The malware infects users through a drive-by download, which means users don’t have to click a link to be infected. They simply have to visit the website when the infected ad appears on the page.

“The malicious advertisement, for gift cards, originates from a bogus advertising agency called AdShufffle, with three f’s [sic] in the name. The name appears to be playing off legitimate advertiser AdShuffle,” wrote Kim Zetter for Wired.

The infected ad promotes a gift card for Target.

Once a user is infected, they receive a fake Windows warning message on their screen, informing them their machine is infected with malware. It then attempts to convince the users to purchase a rogue antivirus software.

Google acknowleged the issue and said it recently detected malware through DoubleClick. It is unclear whether it was the same malware strain.

DoubleClick is no stranger to malware. In 2007, a German marketer was caught spreading malware through an ad on the service. That malware strain also used scareware methods to coerce users into purchasing rogue antivirus software.