Peter Kafka

Recent Posts by Peter Kafka

Home Delivery: The New York Times Serves Up Some Malware

nyt malwareHere’s a front-page story the New York Times (NYT) would rather not be running: The paper is warning readers to be aware of bogus ads running on its Web site.

The paper says “some readers” have seen unauthorized pop-up ads promoting antivirus software on NYTimes.com, and warns visitors who see the ad not to click on it but to restart their browsers instead. While the Times doesn’t spell this out, the newspaper has likely had its site hijacked by a “malware” scammer who is trying to trick visitors into installing pernicious software onto their hard drives.

MediaMemo reader Tim Minter passed along an image of the pop-up below (click to enlarge). Here’s his description of the way it appeared on his desktop:

The ad hijack[ed] my computer. Say I’m reading an article (the Clean Water Act was the one that caught me). It then redirects my browser involuntarily to sex-and-the-city.cn. That site then redirects to the ad I screen-captured.

At no time did I click anything. That’s what is so nefarious about this malware.

Thankfully, since I run OS X, I knew immediately it was malware (seeing WindowsXP on a Mac where that’s not installed is suspicious).

screen-capture

You generally have to travel farther down the Internet publishing food chain to find this kind of bogus ad–go hunting for porn and/or illegal downloads, for instance, and you’ll find plenty of this stuff.

But Web advertising is still a wild and woolly place, and this type of thing still plagues high-end publishers too. Sometimes it’s the fault of ad networks the publishers use to move their unsold inventory; sometimes the bogus ads are bought directly from the publishers themselves.

I’ve asked both the Times PR staff and ad tech team for additional information about the ads, but haven’t heard back yet. Still, you have to give the paper credit for flagging this on its front page at all.

UPDATE: The Times’ explanation: A hacker duped the paper by buying the ad directly from the paper’s sales staff, then disguising it as a legit ad for a week.


Latest Video

View all videos »

Search »

There was a worry before I started this that I was going to burn every bridge I had. But I realize now that there are some bridges that are worth burning.

— Valleywag editor Sam Biddle