Information Protection and Security

Microsoft on Thursday filed five civil lawsuits against companies that have allegedly been engaged in malicious online advertising, or "malvertising."

Scammers tricked the New York Times' Digital Advertising department into placing a malicious ad for fake antivirus software on the NYTimes.com Web site over the weekend, the company confirmed Monday.
Article link

Microsoft is suing five online entities and the individuals behind them for spreading "malvertising," or online advertising that delivers malware. As demonstrated by a September attack on The New York Times Website, malicious online advertising represents a persistent and increasingly high-profile problem for businesses and consumers.

Malicious advertising (malvertising in short) is becoming a favorite medium of cybercriminals to distribute malware. The types of attack vary and attackers increasingly use legitimate web sites to spread their malware, either hiding it within an ad itself (such as in a .swf file), embedding it on a page, or using a download link to infect victims. Criminals have even been known to hack into web servers to compromise hundreds of sites, and use blackhat search engine optimization techniques to compromise web search results leading to malicious ads.