Malware-spiked adverts hit Star Tribune website

Filed Under: Malware

Star Tribune
The Star Tribune, the largest newspaper in the state of Minnesota, has confirmed that visitors to its website (www.startribune.com) were hit by malicious adverts earlier this week.

The "malvertising" attack, which began on Sunday, spurred the newspaper into disabling all online advertising on Monday afternoon while it investigated the infection, after users began reporting seeing fake anti-virus alerts as they read their daily fix of news.

Star Tribune story about malicious adverts on its website

According to the newspaper, scared users were told that their computers had a security problem and urged to cough up some cash for a "fix" from the internet.

Regular readers of the Clu-blog will recall that last September the New York Times was hit by a similar case of malvertising, and in the past a wide variety of media outlets (such as the Gizmodo, ITV and RadioTimes) have also fallen foul of poisoned adverts serving up malware and fake anti-virus alerts.

As discussed in Sophos's recent Security Threat Report, scareware has become one of the biggest revenue-generators for cybercriminals in the last 12 months, and we're seeing more attacks all the time either planting malicious scareware on compromised websites, posing as legitimate security companies, or explotiing hot internet search topics such as celebrity deaths.

Regrettably, the Star Tribune hasn't published details of the precise malware which was being distributed by the third-party adverts - but all computer users who could have been affected would be wise to ensure that their anti-virus protection is updated, and that their browsers and other vulnerable software is properly patched.

, , , , , ,

You might like

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.