A new malware ad has managed to sneak its way onto Doubleclick’s DART ad publishing system, which means it’s been showing up on several legitimate websites, including Major League Baseball, The Economist, and Canada.com. It doesn’t require user interaction to be triggered—as soon as it’s loaded into the page, it initiates the redirect, closes your browser window, and starts bullying you to install “anti-virus” software. It will even attempt to download a virus-laden .exe file, naturally.
The redirect isn’t triggered on every visit, so it’s been hard to track, but watch the video for a walkthrough of what exactly happens. The easiest thing to do to get out of the malware loop is force-quit your browser—it’s likely you can even go back to the website you were on and not have to worry about the ad being triggered again. But it’s embarrassing for DoubleClick (and troubling to us) because it shows they don’t have the ability to screen and catch malware that’s hidden inside Flash files. The company has announced that it’s implemented a new security system to catch and disable these ads, but it hasn’t yet confirmed that it can identify similar ads in the future that might use the same technique.
“Canada.com Infected With Trojan-Installation Browser Hijack” [Sudosu]
“Rogue Anti-Virus Slimeballs Hide Malware in Ads” [Wired]