We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,145 News Articles

Hoax antivirus pop-ups on New York Times website

Newspaper says unauthorised ad caused problem

The New York Times has warned readers to be wary of ads for antivirus software on its website.

The so-called rogue antivirus products that have been spotted on the website, often promoted by Eastern European criminal organisations, are either ineffective or actually end up infecting the computers of people who purchase them.

"Some NYTimes.com readers have seen a pop-up box warning them about a virus and directing them to a site that claims to offer antivirus software," the Times said in a 'Note to Readers' on its website.

"We believe this was generated by an unauthorised advertisement and are working to prevent the problem from recurring." The newspaper did not respond to a request for more information on the issue.

Because online advertisements are usually sold through networks, sites such as NYTimes.com often have to rely on other companies to make sure that the ads they carry are appropriate.

Blogger Troy Davis was hit with the ad on Saturday night. After taking a closer look, he discovered that JavaScript code in a New York Times ad redirected him to a website that popped up a browser Window designed to look like it is conducting a scan of the system. The window warns, ‘Your computer is infected'.

"It's a fake page for a non-existent antivirus app, which is actually malware," Davis wrote in his analysis of the issue.

In the past three months, rogue antivirus software has emerged as a major online problem, according to Paul Ferguson, a researcher with antivirus vendor Trend Micro. "It's pervasive," he said in an instant message interview. "Right now, they are going full-tilt."

Criminals use a variety of tricks to get people to shell out for the bogus products: They use search engine optimisation techniques to get search engines like Google to list websites that display the pop-up ads, or they'll flog them through social media sites like Twitter or Facebook . They even use malicious Trojan horse programs to pop up error messages in hopes that people will buy.

"It's a multimillion dollar business," Ferguson said.

Broadband speed test

PC security advice

See also: Is your PC botnet infested?


IDG UK Sites

OnePlus Two release date rumours: Something's happening on 22 July

IDG UK Sites

13in MacBook Air review, Apple's MacBook Air 2014 reviewed

IDG UK Sites

5 reasons to buy an electric car and 5 reasons not to

IDG UK Sites

Evernote Skitch: the best way for creatives to doodle feedback