Security firm ThreatTrack Security Labs today spotted that certain Bing ads are linking to sites that infect users with malware. Those who click are redirected to a dynamic DNS service subdomain which in turns serves the Sirefef malware from 109(dot)236(dot)81(dot)176. Update: Microsoft is investigating, see statement below.
ThreatTrack notes that the scammers could of course be targeting other keywords aside from YouTube. The more popular the keywords, the bigger the potential for infection.
The security firm found 25 infected domains (all ending with .info): MyVideosSite, correctweathersite, enterfreegames, myyoutubechannel, ournewschannel, coolmathreview, newcoolmath, dictionaryspace, majorcoolmath, fullyoutubeexplore, fullyweatherdotcom, myvideossite, atomicyoutubesite, basisnewsbox, coolmathexpert, correctnewsarea, dailycoolmath, energyyoutubecity, excellentvideosarea, freegamesexpert, icevideoslife, dailyyoutubebox, supercoolmath, superfreegames, and web2carz. This is likely a small subset of a bigger list.
The good news is that ThreatTrack says some of these sites, which were likely compromised, are now back to normal or offline at time of writing. The Next Web tried searching Bing.com for “youtube” to replicate the issue but mostly saw no ads at all. The only ad that we did see was for Lynda.com, which also appeared when searching for “vimeo” on Bing.
The malicious ads may be only being served to certain regions. ThreatTrack is based in Clearwater, Florida, with operations in the Philippines and team members “around the globe” so we’re not sure where they saw their results.
This isn’t the first time malware has been found in the ads beside search engines like Google, Bing, and Yahoo. Criminals try very hard to get their threats on search engines because they are used very frequently and are generally trusted.
Regardless of what you search for on Bing.com, we would recommend not clicking on any of the search engine’s ads until we know for certain that this has been resolved. We have contacted Microsoft about this issue and we’ll update this article if we hear back.
Update at 4:25PM EST: Microsoft says it is looking into the issue. “We are investigating the claims of fraudulent ads in Bing,” a Microsoft spokesperson told TNW. “We will take any appropriate action to help ensure our customers are protected.”
Top Image Credit: George Crux
Pssst, hey you!
Do you want to get the sassiest daily tech newsletter every day, in your inbox, for FREE? Of course you do: sign up for Big Spam here.