Details of hijacked 24/7 ad server emerge

The attack should be a warning to the Web, said Andrew Storms, director of security operations at nCircle Network Security.

Ground control to major mess

Tripod places ads on sites hosted under its free plan; customers who pay hosting fees, however, do not have ads stuck on their sites' pages.

It's not known if the only sites served with ads containing the IFrame were Tripod's. There were hints, however, that Tripod might not be the only tainted domain. Last Wednesday, for example, NASA issued a warning to workers of a surge in attacks on Windows PCs running Internet Explorer and RealPlayer. According to the space agency's bulletin, the attacks had come from "well-known news sites which may be hosting advertisements from ad servers that redirect the users to malware hosting sites." Friday, NASA spokesman Mike Mewhinney declined to name the news sites the agency suspected of displaying rogue ads.

Because 24/7 Real Media's ad research is significant, the IFrame-infected ads may have been placed on a large number of Web sites. According to the most recent data from Internet audience measurement firm comScore, 24/7's ads reached 50% of all Americans online last month. The company's reach placed it at No. 15 on comScore's September Top 50.

24/7 Real Media did not respond to e-mails sent Friday and Sunday.

Symantec couldn't pin down the start date of the attack, but it did note that the malicious site had hosted exploit code since at least Oct. 8. "There is a possibility that this IP [has been] controlled by the same attackers for quite some time and that they are using it to launch numerous low-key attacks," said Adams, Ball and Roe.

Late Friday, RealNetworks issued a patch for RealPlayer 10.5 and the RealPlayer 11 beta. It also urged users of earlier versions to first upgrade to 10.5 or 11, then apply the patch. Only Windows versions of RealPlayer are vulnerable, RealNetworks said in its advisory; Mac and Linux versions are not at risk.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Computerworld
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?