Print 46 comment(s) - last by iFX.. on Nov 19 at 9:38 AM


Google sold ad space to this known malware site with its AdWords service. The oversight indicates Google has little filtering of what it sells links to.  (Source: Maximum PC)
Sale of ads to known malware site an embarrassing slip for internet giant Google

Search giant Google is known for its "do no evil" approach.  It goes to great lengths to protect the environment and it blocks sites on lists of known malware sites from being searched.

However, security researchers made an alarming discovery of a major slip-up for Google.  The site had allowed a known malware site to buy text ads and was placing these ads on its partner pages through its Google AdWords service.  The link was listed as “Antivirus XP 2008,” which led to the URL “” (Don't go there)

Why does this sound a bit familiar?  Well, "Antivirus XP 2008" happens to be the name of one of the most obnoxious malware to be developed in the last year.  The very widespread virus hides itself in users systems.  It pops up to warn them annoyingly with a fake antivirus dialog that their computer is infected with all sorts of bad things and the end may well be nigh -- or so it says.  The whole thing is really a scam, to try to get people to upgrade to an equally fake "pro edition". 

Getting rid of the virus is even more of a pain, as it does have one thing in common with antivirus software -- it regularly connects to the internet and updates itself.  However, unlike AV software, it updates itself to better evade virus scans.

While those familiar with computer security may spot the name instantly, the legitimate sounding Google link likely fooled many users.  The oversight is particularly impressive, considering the malware was listed under its own well known name.

Interestingly, Google searches for the site turned up no results, showing a dichotomy in that Google blacklisted the site from its search, but did not prevent it from advertising.

A Google spokesman responded to the incident, stating, "Google is committed to ensuring the safety and security of our users and our advertisers. As soon as we are aware of any violations of our policy, we work quickly to investigate and remove sites that serve malware in both our ad network and in our search results. As such, we've removed this site from our ad network."

Sure enough the ad was removed.  However, the oversight has left many wondering -- was this an isolated incident or the sign of a bigger problem?  In the end it's rather amazing considering how powerful and savvy Google currently is, that it either has little filtering or has a highly inaccurate filtering system of what sites are allowed to be advertised.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Talk about...
By MrBlastman on 11/14/2008 10:04:25 AM , Rating: 3
Extortionists on a mission. I find this quite humorous that Google has fallen ploy to their brilliant exploits. Why piss people off by making them part of a botnet, or installing keyloggers, when you can put a piece of software on their computer that annoys them through FUD while providing the solution to their annoyance on the internet - for a fee!

I must say I did fall victim to a trojan like this in the past and my real, true and only (in my eyes) solution to completely blast it from my system was a complete re-install of Windows in a new directory. It was quite obvious that all the sites advertising for a solution for the trojan were funded and hosted by the makers of the offending piece of software. If you ever see a message pop up asking for Office needing to install a language set or some other addon in order to access the website - run. It was (at the time and is still out there) used to install these spelunking trojans. Alt F4 is your friend (because the boxes don't go away by clicking cancel).

But for Google to fall prey to this - AND the extortionists to PAY for adspace, that is hooliganism at its best. I hope that Google turns over all their information to the Authorities. If they are smart, they probably paid with some pre-pay card or similar untraceable means... If not, we might have another victory in the making. :)

RE: Talk about...
By mikefarinha on 11/14/2008 10:09:03 AM , Rating: 2
I've actually had good luck installing an updated Windows Defender and free anti-virus (Avast!) to remove similar crapware.

RE: Talk about...
By MrBlastman on 11/14/2008 11:36:43 AM , Rating: 2
Likewise - but there are some particularly nasty Trojans out there, super trojans if I might say, which install a suite of different "hooks" - some of which operate independently of each other, and others whom check to see if the rest are functioning or not. If you remove one or two, or all but one, the one remaining one figures out the others are no longer there and *poof*, they magically re-appear after a reboot, or launching of an application.

These are the nasty ones, ones I hope most people never have the displeasure of experiencing. Even after running a removal app there are still lingering effects. The costs of leaving a keylogger installed without you knowing are far to great (granted a netstat -an or LSOF is useful in determining access, as is Windows Firewall or Zone Alarm of old), so really, once you've had a massive dumping of sorts into your system, the only real option is to export neccessary registry keys (the bare essentials), re-install windows to a new directory, import the keys and a few nuts and bolts, delete the old windows install and start fresh.

This is only reserved for the nastiest.

RE: Talk about...
By pakigang on 11/17/2008 4:28:35 AM , Rating: 2
You're talking about the vundos

RE: Talk about...
By nitrous9200 on 11/14/2008 4:19:25 PM , Rating: 2
Malwarebytes' Anti-Malware ( gets rid of the many variants of this crap quickly and easily, in case anyone here decided to go visit that site because they were curious. :) Removing this is one of the most frequent repairs I do in my store, and malwarebytes does the best job of getting rid of it.

"If you look at the last five years, if you look at what major innovations have occurred in computing technology, every single one of them came from AMD. Not a single innovation came from Intel." -- AMD CEO Hector Ruiz in 2007
Related Articles

Most Popular ArticlesSmartphone Screen Protectors – What To Look For
September 21, 2016, 9:33 AM
UN Meeting to Tackle Antimicrobial Resistance
September 21, 2016, 9:52 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM
5 Cases for iPhone 7 and 7 iPhone Plus
September 18, 2016, 10:08 AM
Update: Problem-Free Galaxy Note7s CPSC Approved
September 22, 2016, 5:30 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki