This is a pretty sad piece of news for the Mountain View search giant Google, the company which struggles to obtain the investigators' blessing to acquire DoubleClick: the famous
advertising firm distributes infected ads on famous pages such as CNN and The Economist, eWeek reported today. It appears that the adverts published on these websites encourage users to buy and install software products to remove an inexistent infected file discovered on their computers. I'm sure you saw at least one "Hi! Your computer is infected with ****. Buy and scan with **** to clean your computer!" advert, many of the consumers being really naive as they pay to acquire the software.
According to the same source, the malware application which makes the adverts appear on the websites is WinFixer, "a piece of malware that pretends to be a diagnostic tool," as Lisa Vaas of eWeek reports. Security company Sunbelt reported that the ads were first seen on November 11 with DoubleClick confirming them but saying that a recently-released technology supposed to remove them was already rolled out. It seems like no less than 100 malicious ads were already shut down, DoubleClick looking to find even more.
Sure, now comes the most important question of this report: who's responsible for the dangerous ads appearing on such popular and clean websites? DoubleClick's representatives sustained their company is not the one which brings the adverts online while the pages displaying them are not responsible for the content provided by the advertising platform. So, it's only up to the publisher who advertises its material through DoubleClicks product.
"We view the security aspect as one part of our service, but we make it clear to [clients] that they have to do sufficient quality assurance. They have to be checking with advertisers to make sure they're legitimate, and to make sure the creative is not malicious," said Sean Harvey, senior product manager for DoubleClick's ad management platform., according to eWeek.