No, One of My Adverts Was Not Trying to Attack Your Computer This Morning

27216541_240f55d783_bI have long advocated using an ad blocker for security reasons. Malvertising, or ads which try to infect your computer, can happen from any site on any ad network, including Forbes, AOL's ad network, .

Luckily, it has yet to happen on this blog.

Earlier today a reader warned me that one of the adverts on my site had been caught by their Eset antivirus while trying to infect their computer with a trojan called JS/ScrInject.B.

I have embedded the warning message at the end of this post, but fortunately for me it looks like this was a false positive. A search of Eset's own forums reveals multiple reports that other sites, including subscription sites with no adverts, are also supposedly serving up this same trojan this morning.

While it's possible that these reports are accurate, I can't find any reports from other antivirus products or services, and that suggests that this was a problem with the detection software rather than the ads on the websites.

And that's a relief, because frankly there was nothing I could have done about this problem other than to remove the ad. The source of the mistakenly reported trojan wasn't on my servers but was merely delivered via the ad code sitting on my webpage, and so it was outside of my control.

It's also largely out of my ad network's control. The online advertising ecosystem is so fragmented that a malicious advert may pass through several intermediaries before showing up on a website.

It's a screwy situation, yes.

JS/ScrInject.B trojan
connection terminated
Threat was detected upon access to web by the application: C:\Program Files (x86)\Mozilla Firefox\firefox.exe (EC7C614426E5AE6C22DDA350ED3ADB2DAE2C7E9C).    66DA6F1E7148DC6CCC1ED1F171276F80D1D074D2

image by Marcelo Alves

 

About Nate Hoffelder (11378 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader: "I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

2 Comments on No, One of My Adverts Was Not Trying to Attack Your Computer This Morning

  1. “Borked ESET antivirus update says entire web is too risky to browse”
    http://www.theregister.co.uk/2016/02/29/eset_antivirus_false_positive/

Leave a comment

Your email address will not be published.


*