Microsoft Files Five Lawsuits To Halt Malicious Advertising
In an effort to protect Windows users, Microsoft is suing unidentified scammers for distributing malware through online ads.
Microsoft on Tuesday filed five civil lawsuits in Seattle's King County Superior Court to combat malicious online advertising, or malvertising.
The lawsuits allege that an unknown number of individuals using various business names distributed malicious software through Microsoft AdManager, the company's online advertising platform.
More Security Insights
- How Attackers Identify and Exploit Software and Network Vulnerabilities
- Cloud Security: It’s Not Just for IT Anymore
- The New Wave of DDoS Attacks: How to Prepare and Respond
- Unruly USB Devices Expose Networks to Malware
"These ads then lead to harmful or deceptive content," said Microsoft associate general counsel Tim Cranton, in a blog post. "For example, ads may redirect users to a Web site that advertises rogue security software, also known as scareware, that falsely claims to detect or prevent threats on the computer."
Cranton says that malicious ads can also infect vulnerable computers with Trojan software, which can steal data, hinder operation, or turn computers into zombies, or bots.
Click Forensics, a company that tracks click fraud, on Thursday said that it had discovered a 200,000 computer botnet -- a group of compromised computers harnessed to work in unison -- linked to the Microsoft lawsuits. In a blog post, Steve O'Brien, VP of sales and marketing at Click Forensics called it "one of the most advanced sources of click fraud we've seen."
The botnet, known as the "Bahama botnet" because it at one time directed online traffic through computers in the Bahamas, is believed to be linked to the malicious advertising that appeared on the New York Times Web site several days ago, according to O'Brien.
Although O'Brien suggests that the cyber crime group believed to be responsible is located in Ukraine, Richard Boscovich, senior attorney at Microsoft for Internet safety enforcement, said in a phone interview that it's not clear where the people responsible are located.
In early 2008, Niels Provos, a security engineer at Google, said in a blog post that about 2% of malicious Web sites were distributing malware through advertising, based on an analysis of about 2,000 known advertising networks.