Daily cyber threats and internet security news: network security, online safety and latest security alerts
August 28th, 2008

Malware Served Through Flash Exploits By MSN Norway

Morten Krakvik from the Norwegian Honeynet Project is reporting that MSN Norway is among the latest victims of malvertising, a practice where a bogus advertising provider tricks leading portals into accepting advertisements from its network, which often end up redirecting to live exploit URLs. The recent wave of malvertising, which also targeted Digg, MSNBC and Newsweek, is very similar to the malvertising campaigns that took place in February, which targeted such popular sites as Expedia, Excite, Rhapsody and MySpace. The only thing the malvertisers keep changing is the set of fake security software domains that they push through their campaigns.

Vulnerable Flash player versions are:

Adobe Flash 9.0.16
Adobe Flash 9.0.28
Adobe Flash 9.0.45
Adobe Flash 9.0.47
Adobe Flash 9.0.115

According to Krakvik’s analysis, the malicious ad came from which is still active (do not visit it) and serving the malicious ad file tunnel28.swf. Currently it is detected by 9 out of 36 anti-virus scanners as SWF:CVE-2007-0071, or SWF.Exploit.

Users are advised to patch their operating system, browser and Flash player, and to use browser extensions like NoScript for Firefox, as we mentioned countless times before.
