MCPMag.com

Sign up for our newsletter.

I agree to this site's Privacy Policy.

News

Microsoft Takes on Malvertising

Microsoft last week filed a civil lawsuit against five companies for allegedly spreading malicious online advertising.

The case centers on the practice of "malvertising," where an online ad directs a user to a Web site with malicious code after being clicked. The defendants named in Microsoft's lawsuit, filed in Seattle's King County Superior Court, include Soft Solutions, Direct Ad, qiweroqw.com, ITmeter INC and ote2008.info.

Malvertising typically leads to "scareware," a pop-up notice on a Windows machine telling the user about a security threat. The notice directs the user to download an "antivirus program" that may turn out to be malware.

Microsoft is asking the court to shut down these companies because they allegedly used Microsoft's AdManager service, which filters and conveys ads on Web sites. Redmond contends that the defendants used AdManager as a platform to launch attacks.

The lawsuit is "vitally important because online advertising helps keep the Internet up and running," according to Microsoft's Associate General Counsel Tim Cranton, in a blog post. "It's the fuel that drives search technologies. It pays for free online services like Windows Live, Facebook, Yahoo and MSN."

Cranton added that "fraud and malicious abuse of online ad platforms are therefore a serious threat to the industry" and to those who use such free or low-cost services on the Internet.

Tyler Reguly, a security research engineer at nCircle, wonders if the whole tech ecosystem has gone overboard with monetizing the Internet. Advertisements of all kinds get pushed to make money, so that in the current environment, users can scarcely see a page load without stumbling upon ads. And some of those ads are questionable, even on legitimate sites.

"Malvertising is definitely a growing trend and a dangerous one, but at the same time, I don't know that a civil suit will really accomplish much beyond bringing attention to the issue, but that may be Microsoft's goal," Reguly said.

Microsoft has also tried to protect its ad platform from "click fraud," where ads get clicked repeatedly by a person or program to increase costs for advertisers. The company filed a civil lawsuit over the matter in June. 

While court battles rage on, software security companies remain on the front lines.

"Microsoft has made this a legal issue by bringing action in the courts, but the issue still remains at the core a technical matter," said James Michels, vice president of marketing at security service firm ANXeBusiness. "As cyber crime becomes more sophisticated, the burden falls on security companies to develop and distribute better protection through products and services. And ultimately end-users -- or their IT departments or partners -- are responsible to stay abreast of threats and maintain proper protections."

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

comments powered by Disqus

Reader Comments:

Thu, Sep 24, 2009 Devon San Jose

Las Vegas: I disagree with you, I think he makes a very valid point. Besides, by making their softwares security easier to surpass, opens up the obvious issue of being able to exploit it. This just leads to a whole wealth of security problems. You are obviously an open source activist! You need to take some of your own advice. Use your brain!

Tue, Sep 22, 2009 Las Vegas

This dude James Michels at ANXeBusiness isn’t very smart. The subject matter of the suit is fraud not computer security. What is Microsoft suppose to do, make their software so tight you can’t have the free will to enter into agreements? It's hard enough doing what you want already with all the security they've implemented. Yea blame it on Microsoft. Kudos to the journalist for even adding what this guy James Michels had to say. Use your brain man.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above