Yahoo!, Fox, Google serving malwares in ads
According to anti-virus firm Avast, ads provided by large providers like Google, Yahoo! and Fox are delivering malwares along with their ads. This does not affect only the three mentioned above. Avast termed this as the "probably the biggest ad poisoning ever made". The poisoning discovered by them is said to affect almost all the major ad providers.
Avast call the type of attack that these malwares are performing as JS:Prontexi – JavaScript code which initiates infection on victims computer using various vulnerabilities including latest PDF exploits. This means that users interaction is not required for infection. Infection starts as soon as ads are loaded by the browser.
According to Avast's data which they have collected from their users, yieldmanager.com (Yahoo!) and fimserve.com (Fox Audience Network) are the most compromised. Google's ad-service (double click) is relatively well off compared to the two. Smaller ad servers like MySpace etc are also not free from being compromised.
According to CNet News, representatives from Fox and MySpace declined to comment on the issue. A Yahoo representative confirmed the report and said it was investigating the situation. A Google spokesman said the company had discovered malware in ads from DoubleClick on its own and halted them.