Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Malware Installed by LiveJournal Ad 199

Posted by CowboyNeal
from the egg-on-face dept.
Jamesday writes "LiveJournal recently introduced an ad-supported level. Over the last few days an advertiser used an ad to install the ErrorSafe malware that tried to trick people into believing they had a fault on the computer that needs them to purchase a fix. The ad used a server-side setting and targetted only those outside the US, to prevent LiveJournal's own checks from noticing it. LiveJournal has apologized for the ad and slow response." Even our readers have had to endure more than one browser-crashing ad campaign from time to time. Thanks for sticking around.
This discussion has been archived. No new comments can be posted.

Malware Installed by LiveJournal Ad

Comments Filter:
  • by Khyber (864651) <techkitsune@gmail.com> on Saturday June 24, 2006 @10:55AM (#15596432) Homepage Journal
    I use an ad-supported LJ account, and the mentioned advertisement was made in flash. I had to deal with it a couple of days ago. Hoo-ray for security holes. Can't we just sue the ad company for unauthorized usage of our computer's resources?
  • Just one ad? (Score:5, Interesting)

    by misleb (129952) on Saturday June 24, 2006 @11:11AM (#15596497)
    I once played this web based role playing game a while ago. It was just a so-so game, but one exceptional thing I did notice was that while playing from a Mac I would get randomly named .exe files downloaded to my desktop. Turns out that ads on this game site were just full of malware. Visiting from a Windows computer, I was getting prompted to install crap. So I went to report it on their forums and find out what was being done about it. They didn't care! The site maintainers claimed there was nothing they could do about it. It was their ad provider's fault. All they could say was "you should be running malware protections.." Needless to say, I was outraged by this irresponsibility. I told them off and never visited their god forsaken site again.

    How can you NOT take responsibility for malware spread through your own site? I understand that people contract out ads, but geez, come on. No need to draw from the bottom of the barrel.

    -matthew
  • by mpcooke3 (306161) * on Saturday June 24, 2006 @11:11AM (#15596504) Homepage
    Heh, sometimes they do - but you'd be amazed at what goes on in the online advertising world.
    One advertising company I used to work for once had a request to configure an ad campaign to run each advert for 30seconds then switch the advert the user was viewing to a different one.

    Only later did we discover it was to bypass a websites manual safety check, where they check each advert complies with their rules by watching it for 20 seconds.
  • Re:Breaking News (Score:2, Interesting)

    by cryfreedomlove (929828) on Saturday June 24, 2006 @11:25AM (#15596546)
    Tell us why Communism is more moral than Capitalism.
  • Re:Breaking News (Score:4, Interesting)

    by Anonymous Coward on Saturday June 24, 2006 @11:39AM (#15596610)
    Because stealing other people's property, censorship, and outright murder is moral.

    Don't confuse communism the theory with the dictatorships the claim to be communist. Communism as a theory disclaims most if not all personal property rights, but it has nothing to do with Murder and Censorship, any more than Capitalism has to do with monitoring bank records and tapping phone calls.

    Which doesn't mean I'm pro-communism. The problem with communism is motivation, without the acquisition of something as a goal, what motivation do people have? Who assigns people tasks? Who says the community is best served by Jon running the cash register and Joe cleaning septic tanks? Its a system that sounds great in theory but works like crap in practice

    At the same time, there's nothing terribly moral about capitalism either. In an ideal capialist society, The sick, old and infirm are left to die. The people in a capitalistic society may be moral and charitable, setting up orphanages to help stranded children, feeding and housing grandma even when she ran out of savings, but thats not Capitalism.

  • by Anonymous Coward on Saturday June 24, 2006 @11:51AM (#15596641)
    These jokers [pointroll.com] tried for hours to convince me to install a fairly innocent looking HTML file on my server.

    What it does is circumvent the Javascript protection between an iframe and the page it lives on. It gives full access to your site DOM from inside the iframe. The reason is so that their content can "expand out" of the iframe and cover part of the page content.

    They claim they don't read your cookies, but that's as far as their "guarantee" goes. Someone malicious on their side could easily read those cookies or access form data, etc.

    So my point is - this problem is only going to get worse as advertisers look for more and more obnoxious ways to stick ads in your face.

    Finally, the sales lady realized that the site I work for doesn't run ads that expand out of an iframe and admitted that they have an alternative which doesn't require the awful Javascript hack. So it worked out for me in the end. The scary thing was she listed some huge high-profile sites that *did* install their file.

    You can read their justification here [pointroll.com].
  • Re:simple fix (Score:2, Interesting)

    by Draelen (920902) on Saturday June 24, 2006 @12:24PM (#15596768)
    I think a better way to deal with flash is to use the FlashBlocker plugin for Firefox
    All flash-based ads get replaced with a placeholder and a little play button, then you get to selectively enable the ones which you require - http://flashblock.mozdev.org/ [mozdev.org]
  • Cyberterrorists (Score:3, Interesting)

    by paulproteus (112149) <slashdot@NosPam.asheesh.org> on Saturday June 24, 2006 @12:37PM (#15596829) Homepage
    Companies like this make the Internet a frightening, dangerous place. They literally attempted to crack into people's computers without their consent.

    Why don't we sue them into the ground as pursuing cyberterrorism as a business model?
  • As Keynes said... (Score:3, Interesting)

    by CarpetShark (865376) on Saturday June 24, 2006 @12:51PM (#15596897)
    "Capitalism is the extraordinary belief that the nastiest of men, for the nastiest of reasons, will somehow work to the benefit of us all."
  • Re:Breaking News (Score:1, Interesting)

    by Anonymous Coward on Saturday June 24, 2006 @12:55PM (#15596914)
    While humans are the cause of failures of idealist systems like capitalism and communism, it cannot be said that these systems run counter to human nature. Humans have the capicity for change. "Human nature" is neither a constant value from human to human nor immutable within a given human. If it were, humans would be nearly identical. Clearly someone like Hitler or Stalin does not have the same underlying "nature" as someone like Siddhartha Gautama or Ghandi.
  • Re:Breaking News (Score:3, Interesting)

    by ByteGuerrilla (918383) on Saturday June 24, 2006 @01:01PM (#15596947)
    Indeed so. Are humans inherently selfish, or does prolonged exposure to 'dog-eat-dog' systems such as Capitalism breed selfishness amongst humans.
  • Re:Just one ad? (Score:2, Interesting)

    by Anonymous Coward on Saturday June 24, 2006 @02:16PM (#15597261)
    Sounds a lot like Outwar to me. I joined that game in about the 6th month of its existance. It was alright for a month or two, but it went downhill from there. In order to even survive in the game, you needed to use "points" at a special store that gives you upgrades, like the ability to go to the forums, or getting more attacks per hour, or increasing the amount of money you could store in the bank, etc. You could buy points at $5 for 100 points, but they also had some offers to get free points. The least intrusive were the ones where you simply went to a site for 30 seconds until it gave you the code to use. Some others had you sign up for a free site and type in the missing words from the welcome message to the site. It was all right for a while.

    However, after a couple of rounds, the "free offers" became completely unacceptable. You had to sign up for a magazine subscription, or sign up for Ebay, or something else decidedly not free. Worse yet, they had no tracking system whatsoever, so there was no way to verify that you actually signed up for it. I never met a single person who received their points for signing up for one of those offers. People who complained on the forums got suspended or even banned.

    At one point, they started promoting a new offer, one that required the installation of software onto your PC. They claimed that if you just let the program run passively, you would receive special tokens that could later be used in a future section of Outware (which had not been built yet). I was about 12 at the time, so I got suckered into it. As it turns out, not only was it spyware that used your personal e-mail address to spam other people, it was a full-blown virus! Even worse, nobody ever receieved "tokens" for it, and the section of the site to spend those tokens was never built. Once again, complaining about it on the forums could get you suspended or banned.

    After a while, the only truly free point offers were the simple 2-points-apiece ones, and they didn't even work. In addition, it changed so that you couldn't spend free points on basically anything anymore - you had to use points you paid real money for.

    To be honest, I'm glad I accidentally got my account banned. I wasted too much of my life on that immoral site.
  • Re:weak effort (Score:2, Interesting)

    by Ciaran_H (579351) <ciaran-slashdot.theblob@org> on Saturday June 24, 2006 @05:45PM (#15598036)
    I was the user who posted the entry in no_lj_ads, and commented on the post in lj_ads.

    I know you're probably not referring to me, but for reference, I'm not LiveJournal staff and nor do I play one on TV. I hate LiveJournal ads and I wish they would get rid of them already.

    Just to clear things up for anybody who was wondering.
  • Re:Breaking News (Score:3, Interesting)

    by notque (636838) on Saturday June 24, 2006 @06:49PM (#15598241) Homepage Journal
    The social and behavioral sciences should be seriously studied, not only for their intrinsic interest, but so that the student can be made quite aware of exactly how little they have to say about the problems of man and society that really matter.
    --Noam Chomsky
  • by Anonymous Coward on Saturday June 24, 2006 @10:15PM (#15598903)
    The Christians aren't the only ones to provide an absolute set of morals. Why are yours the right ones?

I have not yet begun to byte!

Working...