Why is Google Running Ads for Known Malware Sites?
Why is Google Running Ads for Known Malware Sites?
Posted 11/13/2008 at 1:00pm
| by Alex Castle
23
Comments
Print
While researching an antivirus article here at Maximum PC, we noticed something very curious: a Google AdWords link
|
|
called “Antivirus xp 2008,” which led to the url “antivirus-world-2009.com.” (Don't go there)
Anyone who’s been paying attention during the last year or so know that "Antivirus xp 2008" is the name of one of the most widespread and obnoxious bits of malware floating around the internet. It hides itself in your system and launches a bogus antivirus program at intervals to warn you that you’ve got spyware and trojans and the sky is falling. Then, it recommends that you buy the pro version of the program, which presumably also does nothing except rip you off. The virus is frequently updated to evade malware removal tools, and is just generally a pain.
So why is Google advertising for it? It’s not exactly tough to figure out that the site is hosting the virus; the link is called “antivirus xp 2008” after all. Well, maybe we should say that it’s not tough for users like us to figure out that it’s a virus—we suspect that less-experienced surfers (our moms, for instance) could very easily be duped into clicking the link, particularly if they were already searching for antivirus software.
And there’s reason to believe that Google knows the site hosts malware. We know that Google purges so-called “attack sites” from its index, and when we searched for “site: antivirus-world-2009.com,” which ought to turn up all pages at that domain indexed by Google, we got zero results. This isn’t conclusive, of course; there are other reasons that a site might not be indexed by Google, but it is suspicious. Malware-hosting sites are generally designed to try to climb to the top of the Google results page, and it’s probably safe to assume that a site that advertises with Google would be search-savvy enough to get its page indexed, if it weren’t blacklisted.
So what’s the deal? Are cases like this simply oversights, or is it Google policy not to subject its advertisers to the same scrutiny that the rest of the web undergoes? A Google spokesman responded to this question in typical form, saying "Google is committed to ensuring the safety and security of our users and our advertisers. As soon as we are aware of any violations of our policy, we work quickly to investigate and remove sites that serve malware in both our ad network and in our search results. As such, we've removed this site from our ad network."
Us? We're not totally convinced. It seems like there's more Google could be doing more to insure that its advertisers aren't trying to hurt its users, and that it ought to be performing those checks before it hosts the ads.
Let us know what you think in the comments section.
More like this
dwhelpuk
June 12, 2011 at 10:42pm
For all AdWords advertisers, knowing the Google Ads Cost Per Click is the first stepping stone to launching a successful and profitable pay-per-click campaign. Finding the lucrative keywords with a low cost per click attached to them along with adequate search volume can be extremely frustrating. After all, what use would it be advertising under keyword phrases where nobody inputs the search query for your ad to be displayed. TV Ads Services
Garyburse
March 03, 2011 at 7:54pm
This collection is awesome! absolutely love it!
my blogs: how to flirt with a girl | how to know if a girl likes you
liushengquan11
January 18, 2011 at 7:13pm
aI am happy to find this post very useful for me, as it contains lot of information I always prefer to read the quality content and this thing I found in you post. Thanks for sharing.uggs outlet
hempychick
November 18, 2008 at 1:15pm
If you find these sites that start the download of this virus, ping the site and look it up at a dns lookup site, then report it to the ISP's so that they can get it shut down. These are the companies that should be taking responsibility. Usually they have these sites shut down within a few hours. http://runholy.com/?p=92 , http://atlastmylove.com
ubuwalker31
November 15, 2008 at 4:35am
There is a simple solution to this problem: Don't click on any ads. Period. Educate your family and friends about computer virus' and safe computing practices. Use Firefox with AdBlock Plus and FilterSet G Updater. Install ClamWin and Avast! to protect yourself against virus' that do get through.
innocentbystander
November 14, 2008 at 11:07am
Use Malwarebytes' free
Anti-Malware
software to get rid of it
http://www.malwarebytes.org/mbam.php
plumcider
November 14, 2008 at 10:05am
I just got rid of Smart Antivirus 2009, created by the same people that brought us all those other lovely antivirus/antispamware malwared. It took me three days of picking bits and pieces from my registry, and I had to reformat my harddrive--which it repeatedly tried to thwart, by the way--losing all of my data.
Right now, I want to know who to prosecute. If Google is, indeed, advertising these sites, I would like to hold them culpable, as well.
HarmonicShadow
November 14, 2008 at 12:42pm
If you search something pronographically related and you come across a page with groups.google.(insert end here), you'll get a page and when you click the link on that one, you'll get directed to some place like PornoTube to download the Zlob, Renos, whatever trojan or some rouge program. Google may be in cahoots with the malware makers, which they probably are, but maybe the deal went that instead of paying for our fake licenses to software that does nothing, why don't you advertise our software and make us more money? My theory is that Google doesn't care about comp safety at all and that they serve up the fakers just so that the malware people make money and leave google alone. It's like appeasing Hitler, it didn't work. My guess is that the malware might just go off, hack google, and end us for good.
-------------------------------------------------------------------------------------------------
Bill Gates: "What's that?"
Steve Jobs: "It's an iHouse."
Bill Gates: "But there's no Windows."
Steve Jobs: "EXACTLY!"
Farbles
November 14, 2008 at 9:47am
I got my Google Ads cherry popped a couple of months ago when I saw a Google Ad for bulletproof bulk email hosting. I somehow can't imagine reconciling supporting spam resources with "do no evil" and I don't think Google even tries. It's crap and they're just on the take. This is the reason my domain passed on getting Google Ads, since who knows what ads for nasties might have made it on to our pages from Google.
digital demon
November 14, 2008 at 9:28am
I deal with customer computers infected with Antivirus XP at work all the time. It is a royal pain in the ass to get rid of.
I've been wondering how so many people can repeatedly get infected with the same virus, but if Google is hosting a link to it I guess that answers my question.
aeguser
November 14, 2008 at 9:11am
Our companys google adwords account was hacked a week ago and someone put a campaign for this exact ad and put a limit of 10,000.00 a day. The campaign racked up thousands of dollars before I realized what had happened. I emailed google and after 4 days or so, they responded and took care of the problem and we did not have to pay for the irronious charges. Not sure why google approved the ad in the first place, it was obviously a Russian ad that was a malware antivirus site.
Geoff
November 14, 2008 at 8:40am
Congratulations, you've been infected with a trojen called FakeAlert. This is not Google placing adds for a malware site. This is an injected script that adds HTML to the code that you've downloaded. I suggest doing a little research before placing blame. this Trojen was written in Russia and does not infect any systems with Russian set as the prefered language. Should you be interested in learning more about this trojen and what it does, please visit McAfee's site or Sophos' website and search for FakeAlert.
kclemons
November 14, 2008 at 9:14am
DescriptionTrojan.FakeAlert
consists of files that cause false warnings of spyware on the computer.
Usually the alerts are displayed in a balloon type pop-up from an icon
in the system tray.Add. DescriptionTrojan.FakeAlert
displays these false warnings when rogue security software is
installed, usually by exploits, and is used to frighten the user into
buying the rogue software.The article says they google had ads for the malware websites that installed these malicous programs. FakeAlert has nothing to do with changing the google ads you are reading, which is what you are describing.
http://research.sunbelt-software.com/threatdisplay.aspx?name=FakeAlert&threatid=43521
Talcum X
November 14, 2008 at 8:37am
Can we find the same ads (or sponsered links) in any other search engine? Google may not be the only one cashing checks.
***********
Every morning is the dawn of a new error.
"In Ireland, there are more drunks per capita than people." - Peter Griffin
TeMerc
November 14, 2008 at 7:10am
You should spend some time in Blogspot. I've been tracking malware there for months and other more respected researchers evern longer.
I've submitted sites to them for removal and while they kill those blogs, they don't block the sites the blogs are re-directing users to. And they're always the same sites, time and time again. At any given moment there are literally hundreds of malware pushing sites on the Blogspot domain.
But if Google fixes it, there won't be any blogs on Blogspot. Betweeen the spam\blog farms(splogs) and malware pushing sites they wouldn't be able to make a dime.
The latest foray can be found here:
http://www.temerc.com/forums/viewtopic.php?f=27&t=5940
I've just checked and they're now pushing the latest rogue, Virus Trigger.
And Google knows how to block these re-directs too.
Google is all about the money and nothing else. Stay away from Blogspot.
ghot
November 13, 2008 at 8:11pm
..so why would they be bothered if their kissing cousins wanted a link to their malware on a google site.
Ever try and un-install Google earth.....I've HAD viruses that were easier to rremove.
Spider-Mom
November 13, 2008 at 5:57pm
I think its pretty obvious at this point that Google doesnt give a sht about its users. Any one who thinks otherwise might want to question what it planns to do with its Galactabytes of personal information it keeps and never purges about peoples searching habits and redirects. Those records are attached to IPs that can one day personaly ID you and everything youve ever searched for on Google.
Its a feaking search engine. Get over it already.
Viresh
January 31, 2011 at 3:13am
I would like to thank you for the efforts you have made in writing this article. I am hoping the same best work from you in the future as well.
Queenof1
November 13, 2008 at 3:33pm
Now that Google's been put on blast, will the malware ads cease?
ixianradeon
November 13, 2008 at 2:02pm
Why do companies and or software packages like that exist. I mean could there not be a agency or something that stops those kinds of attempts to hurt others. I think malware and stuff like it has reached the point where we can not just rely on spy ware checkers to remove it, a preemptive measure should be taken.
dcrail
November 13, 2008 at 12:55pm
"Why is Google Running Ads for Known Malware Sites?"
My first guess would be that their check cleared.
Connect with MaximumPC
Featured Content
Where have all the memorable videogame enemies gone?
This month's issue
Feature
How to Set Up A New PC
Feature
The State of GPU Computing
How-To
Benchmark an Android Phone
Build It
Sandy Bridge-E
Most Commented Articles
Latest Max PC Tweets
- maximumpc: We referred to "motherboad" prices in an earlier tweet. Not to be confused with motherboard prices, which are ALSO going up.5 hours 51 min ago
- maximumpc: Oh hooray. Motherboad price hikes inbound. http://t.co/nacDWfjJ8 hours 26 min ago
- maximumpc: AMD's New Direction For 2012: Heterogenous Computing, Trinity, and Hondo http://t.co/2KzhCT1N1 day 44 min ago
