MySpace is just one of them

Jan 4, 2008 12:11 GMT

When a virus avalanche is spotted on the web, you're usually advised to avoid suspicious websites that may attempt to deploy the infection on your computer and to browse only legitimate, known-to-be-clean pages. But today it has been proven once again that this security measure may not be as useful as it sounds. Several websites, including the famous social network service MySpace, have been found serving malware through malicious banner ads. Of course, this is the work of attackers, because such a popular service would never do something like that.

Fully patched systems are not vulnerable, security experts at the Washington Post and Sunbelt said. It seems the entire attack is based on software vulnerabilities detected on your computer, such as browser flaws or add-on glitches, including Macromedia Flash or QuickTime.

Now, let's see how they work. The exploits are quite simple: the websites serve adverts that look legitimate but actually promote rogue security applications that attempt to infect your computer. "Malicious banner ads on MySpace are pushing down some of the most nefarious and difficult-to-remove adware and spyware around, including Virtumonde, WinFixer, and ClickSpring, as well as a bunch of Trojan horse programs that are very poorly identified and detected by anti-virus programs at the moment", Brian Krebs of WP wrote.

Among the victims of the exploit, we can also mention the search portal Excite.com, but nobody knows for sure whether other, unknown websites have also been affected. So, what is the solution to avoid getting infected while visiting such popular websites? As I've said, only unpatched systems are vulnerable to the attacks, so it would be a great idea to go through your applications one by one and apply the latest patches, fixes or updates. In addition, you should install the latest virus definitions for your antivirus tool.