backtop


Print 46 comment(s) - last by iFX.. on Nov 19 at 9:38 AM


  (Source: www.grokdotcom.com)

Google sold ad space to this known malware site with its AdWords service. The oversight indicates Google has little filtering of what it sells links to.  (Source: Maximum PC)
Sale of ads to known malware site an embarrassing slip for internet giant Google

Search giant Google is known for its "do no evil" approach.  It goes to great lengths to protect the environment and it blocks sites on lists of known malware sites from being searched.

However, security researchers made an alarming discovery of a major slip-up for Google.  The site had allowed a known malware site to buy text ads and was placing these ads on its partner pages through its Google AdWords service.  The link was listed as “Antivirus XP 2008,” which led to the URL “antivirus-world-2009.com.” (Don't go there)

Why does this sound a bit familiar?  Well, "Antivirus XP 2008" happens to be the name of one of the most obnoxious malware to be developed in the last year.  The very widespread virus hides itself in users systems.  It pops up to warn them annoyingly with a fake antivirus dialog that their computer is infected with all sorts of bad things and the end may well be nigh -- or so it says.  The whole thing is really a scam, to try to get people to upgrade to an equally fake "pro edition". 

Getting rid of the virus is even more of a pain, as it does have one thing in common with antivirus software -- it regularly connects to the internet and updates itself.  However, unlike AV software, it updates itself to better evade virus scans.

While those familiar with computer security may spot the name instantly, the legitimate sounding Google link likely fooled many users.  The oversight is particularly impressive, considering the malware was listed under its own well known name.

Interestingly, Google searches for the site turned up no results, showing a dichotomy in that Google blacklisted the site from its search, but did not prevent it from advertising.

A Google spokesman responded to the incident, stating, "Google is committed to ensuring the safety and security of our users and our advertisers. As soon as we are aware of any violations of our policy, we work quickly to investigate and remove sites that serve malware in both our ad network and in our search results. As such, we've removed this site from our ad network."

Sure enough the ad was removed.  However, the oversight has left many wondering -- was this an isolated incident or the sign of a bigger problem?  In the end it's rather amazing considering how powerful and savvy Google currently is, that it either has little filtering or has a highly inaccurate filtering system of what sites are allowed to be advertised.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: DAMNIT GOOGLE!!
By foolsgambit11 on 11/14/2008 8:12:57 PM , Rating: 2
Was it a big mistake?

I mean, it's one thing to actively check out searched sites for malware, it's another to turn down money. It may be that they deliberately put 'ensure advertisers aren't evil' low on the priorities list. You know, you want to get around to checking them all out, but it's a big list, and wouldn't you rather be developing Google Goggles or a Bork-bork-bork! language home page than hunting down malware distributors from among your contributors?


"If you mod me down, I will become more insightful than you can possibly imagine." -- Slashdot

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki