Aiming to crack down on a growing problem, Microsoft said it filed five lawsuits Thursday against parties it suspects of posting online advertisements laden with malicious code.
Microsoft has tried to work with ad networks to thwart such "malvertising" in the past, but this is the first time it has gone to court.
"Our filings in King County Superior Court in Seattle outline how we believe the defendants operated, but in general, malvertising works by camouflaging malicious code as harmless online advertisements," Microsoft Associate General Counsel Tim Cranton said in a blog posting.
In each case, Microsoft is suing the unknown parties responsible for the ads.
"Although we don't yet know the names of the specific individuals behind these acts, we are filing these cases to help uncover the people responsible and prevent them from continuing their exploits," Cranton said.
In the past week, The New York Times' Web site was hit with a rogue advertisement that told readers that their computer may be infected with a virus and redirected them to a site that purports to offer antivirus software.
"Scareware is often distributed among criminals, which therefore results in many of the animations a user may see utilizing a common design and interface," a Microsoft told CNET News. "However, without additional information and specific details about the attacks, we cannot be certain that any of today's filings directly relate to the attacks on The New York Times' Web site."
Microsoft likened the latest lawsuits to prior legal action that it has taken against those suspected of click fraud or instant messaging spam.
"This work is vitally important because online advertising helps keep the Internet up and running," Cranton said. "It's the fuel that drives search technologies. It pays for free online services like Windows Live, Facebook, Yahoo, and MSN. Fraud and malicious abuse of online ad platforms are therefore a serious threat to the industry and for all consumers and businesses that rely on these free services."
Russia has passed China to become the largest generator of spyware and other malicious code, according to a report set to be released on Friday.
(Credit:
PC Tools)
Security software maker PC Tools says that Russia now accounts for 27.9 percent of such software, compared with China's 26.5 percent. The U.S., which had been the second largest producer in prior surveys, is now in third place, accounting for a hair less than 10 percent of malware.
Russia is also known as a hotbed for junk e-mail, known as spam.
PC Tools said that the death of Russian Business Network, a well-known malicious software distributor, has not slowed that country's production of malicious code.
"The vacuum left by the RBN has been filled by other malware distributors," PC Tools malware analyst Sergei Shevchenko said in a statement. "The bottom line is that there are more viruses and spyware coming out of Russia now than ever before and the complexity of this malware is also increasing."
In fact, he said, the now-defunct organization was easier to track than the smaller outfits that are filling its shoes. "Now we are seeing Russian malware hosting services being advertised for servers in Malaysia, China, Panama, Singapore, Thailand, Turkey and India."
For-profit attacks have been on the rise, particularly those targeted at small groups or individuals.
Below is a list of the top 10 malware-producing countries, while PC Tools has an interactive world map on its site.
1. Russia - 27.89 percent
2. China - 26.52 percent
3. United States - 9.98 percent
4. Brazil - 6.77 percent
5. Ukraine - 5.45 percent
6. United Kingdom - 5.34 percent
7. France - 3.81 percent
8. Germany - 2.14 percent
9. Sweden - 1.6 percent
10. Spain - 1.37 percent
Scams designed to steal identities, data and ultimately money from Internet users continued to rise steeply in the first half of this year, according to a report released on Tuesday by Microsoft.
The company's Security Intelligence Report, a broad look at the computer threat landscape, shows a continued focus on attacks aimed at making a profit, rather than simply generating fear or gaining notoriety.
According to the study, there were 31.6 million detected phishing scams, more than double those found in the prior six months. There was a more than five-fold increase in the types of malicious code used to install trojans, password stealers, keystroke loggers and other malware.
"Some of these challenges are created by the fact the operating systems are more secure, which has caused the bad guys to look at other attack vectors," said Scott Charney, Microsoft's vice president of trustworthy computing.
What's clear is that the overall problem of users finding their machines compromised is not getting better. Microsoft can get a rough estimate of how many users have infected systems by assessing the PCs that are scanned using its free Malicious Software Removal Tool. Malware was removed on one out of every 217 computers scanned in the first half of 2007. That compares from just one in 409 PCs that was infected during the prior six months.
And while operating systems are getting more secure, threats are moving to the applications layer, a move that could actually make computers harder to secure. "It's often the applications that contain the information that is important to the user," Charney said. In addition, while there are only a few large companies that create most major operating systems, there are thousands of companies that create applications, ranging from huge software vendors to individuals working out of their homes.
"It is a much bigger challenge," Charney said.
Outside experts have been particularly alarmed by the rise in very targeted attacks, those aimed at a specific individual or organization.
In the short term, Charney said much of Microsoft's efforts are around publicizing the types of social engineering tips used by the bad guys and to developing more automated tools like its phishing filter that can prevent scams from reaching consumers eyes in the first place.
Over time, though, the industry needs to find better means than user name and password to assess someone's identity as well as ways of separating authentication away from things like birth dates and social security numbers. "Longer term, what we need to do is figure out different ways to validate claims," Charney said. Neither businesses nor consumers have shown much stomach, however, for the kinds of improved authentication mechanisms that could help. "We're far removed from that because the business infrastructure isn't there today."
- prev
- 1
- next
