Malware On Perfectly Good Websites

[nikster]

Last week, ads displayed on popular electronic news site Gizmodo were carrying a payload of Windows malware:

http://gizmodo.com/5390520/apologies-we-ha...-ads-on-gizmodo

The malware was drive-by - open the page in IE, and boom, your UAC-secured Windows system is infected. Corporate firewalls and AV software apparently didn't help either. (**)

A long time ago, I thought about security and what's possible from a developer's perspective, and what kind of malware is really out there. Thinking this through, I came to the conclusion that all AV software is useless. And now it appears as if malware developers are closing the gap between potential and reality: Drive by malware that shuts down your AV software as soon as it's executed, that never goes on your hard disk before it disables the AV software so there is no warning.

What I didn't realize is the commercial incentive and the craft they would go about business. Hacking into small time web servers and making them server your malware is an old hat - it's been going on forever. But this is new: These guys bought ad space on a large (and undoubtedly very secure) website and served malware over that! Think about this - that's crazy. That means there must be enough money in this to warrant the expense, plus the "elaborate" scam to make it work.

Please don't use IE. Thanks!