March 25th, 2011

Software Hit By Malicious Third-party Advertisements, Around 9 Million Users Affected

Spotify users have fallen victim to a drive-by download attack delivered through malicious ads displayed in the free version of the software. Spotify is a popular music streaming service with over 10 million registered users. It can be accessed via proprietary software available for most desktop and mobile operating systems. It's estimated that around 9 million users have free accounts, meaning they receive advertisements inside the software.

Starting yesterday people began seeing malware alerts from their antivirus programs when using the Windows version of the Spotify client. The problem was tracked back to malicious third-party advertisements displayed inside the application. Netcraft reports that at least one Java exploit was used to install malware on people’s computers.

Apparently the rogue ads loaded the Blackhole exploit pack, one of several drive-by download kits used by malware distributors. “We’re currently investigating and have pulled all third party display ads that could have caused the problem until we locate the specific advert,” Spotify told The Register.

Malicious advertising (malvertizing) is an increasingly common malware infection vector, and one that has the potential to reach a large number of users very quickly. Malvertizing attacks are normally carried out in one of two ways: impersonation or ad server compromise. Impersonation involves attackers posing as legitimate advertisers in order to get their ads accepted by ad networks, and then pushing malicious content through those ads.

On the other hand, some websites maintain their own advertising servers, usually running OpenX software, which allows them to sell ad space directly. If these servers are left unpatched, attackers can exploit security holes in them and push their rogue ads onto the websites they serve.

In order to protect themselves from drive-by downloads and malvertizing, users are advised to keep all of their software, including the operating system, up to date. Browsing the Web with a capable antivirus product installed is also a must.

Credit: News
