How A Legit Website Starts Distributing Malware

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

You hear and see more and more of it. Huge internationally, renown websites fall victim to distributing malware to their visitors via malicious advertisements. Currently it’s the #1 way to distribute malware and not a lot can really be done about it. Here are the 2 most popular ways malicious ads can ruin your online reputation with your users and search engines:

Method 1:

1. A person or group contacts you (or your advertising dept) and buys ad space.

2. Your advertising dept receives a flash advertisement that looks perfectly safe and harmless.

3. The ad is approved.

4. Later that day a script is triggered in the flash animation to automatically download a malicious .exe (like fake-av.exe) as soon as the user (like mom or pop) visits the web site. In some instances users may be redirected to a site that loads a barrage of exploits against the users PC. This is far worse than 1 malicious .exe of course.

5. The site administrator may or may not be alerted quickly to the site hijacking.

6. All it takes is just a few seconds or minutes to infect thousands of visitors.

7. The malicious ad is removed, but it way too late.

Obviously the easiest way to defend against this type of hijacking is just to say no to any scripted advertisements. This will cut down on maliciously scripted ads, however it also cuts down on good advertisers willing to pay good money for ad space. It’s a tough choice.

Method 2 – this is nearly impossible to deal with…

1. A person or group contacts you (or your advertising dept) and buys ad space.

2. Your advertising dept receives a flash advertisement that looks perfectly safe and harmless.

3. The ad is approved.

4. Later that day the landing page for the ad is switched to a malicious landing page.

5. When a visitor clicks the ad they may now be subjected to whatever is on the new malicious landing page.

6. Again, the website administrator may or may not be alerted to the malicious ad in a timely manner.

7. The malicious ad is removed, but it way too late.

Keep in mind that I’ve only discussed 2 ways malicious ads can ruin your online reputation. They are many more.

For other tips on protecting your website stop by my blog at remove-malware.com. I also have another blog I’m working on that centers on netbook comparisons and netbook windows 7.

Article Source:http://www.articlesbase.com/security-articles/how-a-legit-website-starts-distributing-malware-1399154.html