Ads Gone Wild!


For the past several weeks, millions of banner ads that contain Trojan horse programs that can infiltrate a user’s computer have been running on the popular sites and as well as others.

Security company ScanSafe detected the ads on August 8th, and estimated that 12 million of the banner ads were served over three weeks. It was found that these ads were delivered through the Right Media Exchange system, the newly acquired Yahoo network.

Visitors who used a version of Internet Explorer that was not properly updated with the latest security updates were susceptible for infection by the hidden Flash file.

Even though the ad had been identified and the issue is being resolved by Right Media according to other reports, this kind of online crime is not unprecedented and unfortunately is probably not over. This type of activity has happened on various other networks over the years, but the Right Media Exchange is a unique environment made up of many advertisers and networks that have higher levels of control to exchange all kinds of ad types, good and bad.

Banner ad attacks carrying malware are a very efficient way to infect many people because banner ads usually run on high-traffic, well trusted sites. The ads in question used an invisible “iFrame” which inserts content from other sites onto the current page.

Right Media has a thorough scanning process to identify these malicious ads before they have the opportunity to infect other machines, however ScanSafe said that this particular code was created to identify the difference between a web site visitor and Right Media’s scanning servers. Owners and users of the Right Media Yield Manager system speak very highly at the level of diligence that is put into fighting malicious advertising.

The Trojan, was identified as Trojan Downloader VBS.Agent.n, coming from a server in the Netherlands without any kind of figure of the number of people infected by the program.

Regardless of how large or small a company is the evolution of parasite and prey will continue, even online. The easiest way to avoid being caught by a virus is for users to periodically update their systems.


  1. I posted this before, but for some reason, it was strangely deleted.

    Why did you change the name of the title of the story from Right Media Delivers Trojan Horse to Ads Gone Wild!? Some sort of censorship? Media is supposed to be truthful, not deceptive.

  2. This had happened countless of times in Right Media exchange system. Nothing new, low cost sub-par ads = problems like this. Its a trade off, there are other exchange based technologies coming up, publishers should have more and better choices soon.

  3. We are as committed to the fun of conspiracy theories as much as anyone, but unfortunately our adjustment of the title was a reflection of the details that Right Media as an ad serving technology and exchange didn’t actually deliver the virus and it was a a specific offending advertiser who utilizes the Right Media ad server and exchange. It wasn’t made by Right Media. It was a bad ad that figured out how to bypass the Right Media controls. Basically, on second thought we didn’t think it was an accurate title.

    Robert Regular, Publisher


Please enter your comment!
Please enter your name here