Trojan in banner ad avoided security testing
Yahoo! owned RightMedia has been serving ads to popular networks such as MySpace, Bebo and Photobucket that could wreak havoc on visitors' machines. The Trojan which was reported to have been inserted by a third party ad server, was tracked down to RightMedia. The infected banner ad supposedly ran several million times over a three week period after it was first spotted on August 8th by a web security company before it was removed.
The ads used Flash to load an invisible iFrame which in turn would load content in from another website. RightMedia has said that it has systems in place to test and determine whether ads contain malicious code, and will flag them appropriately. Upon further investigation of the ad, code inserted was actually designed to tell the difference between RightMedia's protection systems and not display the Trojan when the company ran the testing process.
All we can say is, "Hello Firefox with AdBlock!"
