[ NNSquad ] Warning: New York Times ad system antispam contamination continues

NNSquad - Network Neutrality Squad
NNSquad Home Page
NNSquad Mailing List Information

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Warning: New York Times ad system antispam contamination continues

To: nnsquad@nnsquad.org
Subject: [ NNSquad ] Warning: New York Times ad system antispam contamination continues
From: Lauren Weinstein <lauren@vortex.com>
Date: Sun, 13 Sep 2009 13:22:16 -0700


Greetings.  The New York Times ad delivery system has apparently been
contaminated by some form of illicit antispam ad injection exploit.  I
first saw this upon clicking a NYT home page story link yesterday on
one machine, and a few minutes ago was hit again via a different NYT
home page story link on a completely different local computer:

Here's a screen capture: http://bit.ly/m04qo

Early today the Times posted a note regarding this problem 
( http://www.nytimes.com/2009/09/13/business/media/13note.html?hp - but
clicking on this link may also trigger the beast!), though it was not
made particularly clear that the contamination is *ongoing* and that
the Times had not yet successfully cleansed their ad system.

It is not immediately obvious how dangerous the pop up is (just an
insistent, hard to kill ad?  A virus?  Or?), but as usual in these
situations clicking on them in any form (even to "Cancel" or "Close")
is unwise.

Depending on your browser and configuration, you may not be able to close
you browser at all, and even killing the browser process may result in
being returned to the same contaminated state the next time you start your
browser (in my case, this was all under Firefox).

The best recommendation if you hit this beastie is to immediately
reboot your system.  If on your next browser start you get an error
from your browser, discard any existing sessions and start a new
session if possible.

Hopefully the Times will really get this fixed sometime soon,
regardless of the problem's initial origin.  Until then, clicking on
any New York Times links should be carefully considered.

--Lauren--
Lauren Weinstein
lauren@vortex.com
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
   - People For Internet Responsibility - http://www.pfir.org
Co-Founder, NNSquad
   - Network Neutrality Squad - http://www.nnsquad.org
Founder, GCTIP - Global Coalition 
   for Transparent Internet Performance - http://www.gctip.org
Founder, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Twitter: https://twitter.com/laurenweinstein

Prev by Date: [ NNSquad ] What it really costs a cell phone carrier to send an SMS text message
Next by Date: [ NNSquad ] The Joy of Libraries, a Fireman's Flame, and the Google Books Settlement
Previous by thread: [ NNSquad ] What it really costs a cell phone carrier to send an SMS text message
Next by thread: [ NNSquad ] The Joy of Libraries, a Fireman's Flame, and the Google Books Settlement
Index(es):
- Date
- Thread