Government Startup Site Linked To Malvertisement

Pichayada Promchertchoo,

StartUp Britain website inadvertently served up a malware infested ad for fake anti-virus software

StartUp Britain, the government-backed website promoting enterprises in the UK, inadvertently linkeed to fake anti-virus software, once again raising concerns over ‘malvertisements’.

The malicious link appeared in an article about US investor Warren Buffet when the site was launched earlier this week, according to security firm Sophos.

It took users to a third-party website, bankling.com, where they were redirected to another page hosting a fake anti-virus programme. Users would see a pop-up message saying their computer was infected and that they should download a fix, which was in fact a malware in disguise.

However, only Internet Explorer users were affected by the exploit, while other browsers such as Firefox did not receive any impact.

Malvertisement

Acknowledging the malware incident, StartUp Britain said the malicious link has already been removed.

“There were some issues with a link on the website at the launch. This issue has been addressed and any links that were not operating as intended have been amended or removed,” the group told BBC News.

The incident has been linked to the growing number of ‘malvertisements’ – online adverts used by cyber criminals to spread malware onto end users’ machines.

According to security firm Dasient, more than 1.2 million websites were infected by malicious software in the third quarter of 2010. As attackers shift their focus from traditional web-based attacks to malvertising, over 1.5 million ‘malvertisements’ have been served online each day.

The firm also predicted that cyber criminals will become even more aggressive in using drive-by-downloads and fake anti-virus scams to attack users as social media proliferates this year.

Malware attacks

Last week, digital-music service Spotify was attacked by malvertisements distributed through a third-party ad network.

Automatically, the advert downloaded malware onto users’ computers without requiring any kind of their interaction.

A similar incident was also reported by visitors to the London Stock Exchange website, which was hit by booby-trapped adverts earlier this year.

According to reports, ‘malvertising’ allows cyber criminals to use legitimate websites to spread malware in the background without directly compromising the sites.