Friday, 16 January 2015

Google Adsense Used For Malicious Ads

Cybercriminals have used Google Adsense to display ads on all sorts of malicious websites that visitors to these sites for several scam sites by sent. Numerous webmasters complained about the ads that ensured that visitors were redirected automatically.

The scam sites where visitors ended up offered all kinds of products to lose weight, aging combat, combat skin problems or improve IQ. The websites looked like blogs and magazines with so-called scientific studies and research on the products, complemented by all kinds of false responses from people who supposedly had tried the products.

The problem with the malicious ads would play since mid-December, but was last Friday, January 9th widely felt. On the Google AdSense forum, more than 180 responses from angry webmasters inside. Webmasters who use Google Adsense on their websites and see how visitors were redirected by the malicious ads.

On January 10, Google would have solved the problem. According to security firm Sucuri used the attackers behind the attack two legitimate AdSense campaigns, they probably via guessed or stolen credentials managed to hijack. However, it is not excluded that the scammers Adsense accounts have created yourself and initially did occur that it was legitimate campaigns.

Researcher Denis Sinegubko of Sucuri is wondering why Google allows advertisers may use this type of potentially dangerous code. "I realize that Google advertisers flexibility in managing their campaigns and the use of scripts will give their own pages. And I realize that at the first check these scripts did nothing malicious, and is only misbehaved after they were approved. But there would have to be more in control of third-party scripts. "

Sinegubko further notes that nobody likes ads, but they are indispensable for many websites. "I will not tell you to remove all ads from your site," he says to webmasters. "But I ask you to think about the safety and reputation effects that may have bad ads for your site. Consider each script from a third party that you place on your website as a potential threat. Especially those scripts that others who do not knows, allow you to place content on your site. "

No comments:

Post a Comment