Rogue Advertisement Pushes Scareware to NYTimes.com Readers

For about 24 hours over the weekend, The New York Times site was serving up fake security software (scareware).
In a message posted to Twitter and a note on its NYTimes.com site, the newspaper blamed a rogue advertisement for the malware blast:

For about 24 hours over the weekend, The New York Times site was serving up fake security software (scareware).

In a message posted to Twitter and a note on its NYTimes.com site, the newspaper blamed a rogue advertisement for the malware blast:

 

Some nasty ads have hit the Web browsers of visitors to NYTimes.com and some other sites in recent days. The ads, which are not authorized or endorsed by The Times, can hijack a person’s browser and make it appear as if a scan for viruses is running. The ads then promote “antivirus” software that is itself virus-like. The Times believes it has eliminated these ads, but if they popped up on your screen, here’s what you need to know about your computer’s security.

While all of the details of how these particular ads operate are not yet clear, it is unlikely that they pose a real threat to Mac or Linux computers, since the downloads they try to push appear to work only on Windows machines. If you are a Windows user and saw a suspicious antivirus warning on your screen, it is possible that the ad’s creators infected your computer with a malicious program, even if you avoided all contact with it. 

Trend Micro has some more information on the rogueware behind this attack.

Also see Dancho Danchev’s ultimate guide to scareware protection.

Suggested articles

Threatpost News Wrap, January 20, 2017

Mike Mimoso, Tom Spring, and Chris Brook discuss security-wise what they hope will and won’t change under a Trump presidency, then discuss the news of the week, including SHA-1 deprecation, Carbanak’s return, and the WhatsApp “backdoor” debacle.

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.