September 14, 2007 2:44 PM PDT

Facebook banner ad serves an exploit

Posted by Robert Vamosi

Print
E-mail
Share

Security researcher Roger Thompson got a surprise the other night when he borrowed a computer to view a friend's Facebook blog--Internet Explorer wanted to download some malicious Microsoft Data Access Components (MDAC) objects. That didn't seem right, so he tried another computer, and said "I got extra copies of the browser starting, and ads being served."

Thompson is no stranger to such tricks. He heads Exploit Prevention Labs, a company that specializes in finding and mitigating browser exploits found on Web pages. This attack really surprised him. It uses an exploit of MS06-014, which means if your computer has been updated with the latest patches from Microsoft issued since September 2006, you won't experience a thing. But if you haven't updated your Windows computer in more than one year, you'll be subjected to a barrage of unwanted adware.

On an infected machine, a Google homepage now shows adware.

(Credit: Roger Thompson/Explabs)

On vulnerable machines, Thompson found that the banner ad on Facebook makes a call to bannerconnect, bannerconnect makes a call to yieldmanager, yieldmanager makes a call to valuead, and valuead makes a call to megapromition, which throws an exploit (MS06-014) and runs an adware installer. Thompson's latest blog explains the whole process in greater detail. The end result is that once infected, your Internet Explorer home page displays additional windows serving various ads.

Topics:: Security

Tags:: security,; Facebook,; adware,; Roger Thompson

Bookmark:: Digg; Del.icio.us; Reddit

News Blog topics

Inside CNET News

Scroll Left Scroll Right

Cutting Edge
Water ice glaciers spotted on Mars
NASA scientists find what they believe are huge water ice glaciers sitting just beneath the Martian surface.
Gallery
Photos: Gadgets we're thankful for, part 1
Apple
Palm losing out as iPhone gains corporate fans
Corporate IT spending is falling like the stock market, but Apple's share of the growing smartphone market is increasing among business customers, says ChangeWave.
Coop's Corner
OK, enough of the electric car feel-good story
If we're talking about a breakthrough, then we're really talking about thinking big about a nationwide charging network. And that means turning to Uncle Sam for help
Video
SF Bay Area plugs in
The Download Blog
MySpace app for BlackBerry a RIM record-breaker
RIM announces more downloads in the first week for their BlackBerry-compatible MySpace application than for any before.
Video
Yang resignation, successor the talk of the Valley
Politics and Law
Judge spares E-Gold directors jail time
Senior directors of online payment site E-Gold, who had pleaded guilty to charges of money laundering, received small fines and no prison sentences. A judge said it was due to a lack of criminal intent.
Cutting Edge
Mathematica 7 arrives with built-in human genome
The newest version of the software gets new data sets, image processing abilities, and built-in support for quad-core chips.
Gallery
Photos: Nokia, Navteq team up as traffic monitors
The Car Tech blog
Photos: New models at the LA Auto Show
There were many exciting new model launches at the 2008 LA Auto Show.
The Car Tech blog
Hyundai shows off hybrid powertrain for Sonata
CNET Car Tech takes a look at the new hybrid powertrain shown off by Hyundai at the 2008 Los Angeles Auto Show.