

Malware in Ad Networks Infects Visitors and Jeopardizes Brands - jdangu
http://www.proofpoint.com/threatinsight/posts/malware-in-ad-networks-infects-visitors-and-jeopardizes-brands.php

======
Pxtl
... at this point I think adobe has worn out their welcome. I'm actually
surprised that security tools don't just uninstall flash player and acrobat
reader preemptively.

~~~
phelmig
And the Java Plugin as well. Outside the corporate world it's rarely used
anyways (the plugin, not java in general)

~~~
yourad_io
Click-to-play is the best feature ever for these kinds of things - pick who
you trust. I wish it were made the default.

~~~
Pxtl
Now that Apple has killed flash in so many use-cases, I think it would be
palatable for major browsers to start forcing plugins like Flash, Java,
Silverlight, and Unity to be "click to activate".

------
swartkrans
This is the reason I use adblock. I don't think blocking ads on websites is
unethical because you should be able to decide what your computer does, but I
think as long as the ads aren't horribly awful (in which case don't go to that
site) I'd like to think having ads on is the right thing to do. Only that
would be true in a perfect world were ad networks weren't vectors for malware.
So I run adblock plus.

~~~
jarcane
This. I think I've only ever once had a serious malware infestation on my main
machine, and it was directly from a pop-up ad. Even the internet savvy can get
caught out once in a while, or misclick a link, or click through a google
result to something with automatically executing code.

I'll stop running Adblock the day not running it stops being like walking
through a lion's den with raw antelope strapped to your danglies.

------
arb99
This is hardly a new thing.

Ad networks have always had (a very small %, but still there) a problem with
people using exploits in flash ads. Especially ad networks for more 'dodgy'
sites, that auto enable ads with no checking, no real checking if the
advertiser is a legit business etc... (not that the adnetwork that this post
is talking about deals with dodgy sites, but just saying its a common-ish
problem (when given the 100s of thousands of ad impressions every day by ad
networks).

I think i heard that malware nowadays is spread through more ads on adult
websites (via 3rd party ad networks, not the sites themselves) than any other
method, but i'm not sure on the source for that.

