Yahoo announced that they were acquiring Right Media in April (before this, they’d owned a 20% stake). And now just what Yahoo didn’t need: Right Media servers appear to have been providing more than ads recently. From August 8th until earlier this month, it looks as though Right Media ads were also delivering a virus to their viewers.
The virus was being unknowingly distributed by over 70 Right Media ad servers, which ScanSafe estimates delivered up to 12 million infected ads in recent weeks. Myspace, Bebo, Photobucket and The Sun were among the sites carrying virus-laden ads.
The virus could infect unsecured machines without any action from the user other than browsing to a page carrying the affected ads. “The infected placements delivered a Flash file generating an invisible ‘iFrame’, which prompted the download of a Trojan executable file.”
Right Media does take steps to prevent malicious ads from making it into circulation. ScanSafe, the Web security firm that reported the attack, suggested that the ads were cloaked to serve benign versions of the ad to security scanning servers.
The virus in question, Trojan-Downloader.VBS.Agent, can download other malicious files, including executable files, to the affected computer.