Microsoft is filing lawsuits that it hopes will hold to account the people who have disguised malware as advertising. The problem is that no one knows the identity or whereabouts of the culprits.
The software company, which is filing five civil lawsuits against businesses that have taken up ads designed to transmit viruses and other harmful material, faces an uphill battle.
Microsoft's malicious ad lawsuits
Microsoft's lawsuits, announced in a blog posted by associate general counsel Tim Cranton this week, target businesses with vague names such as Soft Solutions and ote2008.info. The businesses, Microsoft says, used popular online ad platforms to hide malicious code and try to infect unsuspecting users - a process sometimes described as malvertising'. If a user follows a link presented in the advert, they could end up with damaged data or stolen information, or even find their PC under someone else's control.
"This work is vitally important because online advertising helps keep the internet up and running," Cranton says. "Fraud and malicious abuse of online ad platforms are therefore a serious threat to the industry and for all consumers and businesses."
Just this week, a malicious ad made its way on to the New York Times website. Readers were greeted by pop-up boxes claiming they had a virus and should go download specialised software to fix it. Following the link may have resulted in an actual virus being transmitted.
Fighting the 'malvertisers'
The malicious-ad market is considered a multibillion-dollar business. So far, though, the fight against it has proven to be difficult. Microsoft sued a Texas company over ad-based malware last year, but the problem is widespread enough that lawsuits seem to do little in the way of curbing it. In the new case, Microsoft isn't even sure exactly whom it's going after.
"Although we don't yet know the names of the specific individuals behind these acts, we are filing these cases to help uncover the people responsible and prevent them from continuing their exploits," Cranton explains.
General caution is the best way to keep yourself protected: don't click web-based pop-up boxes, even if they display alarming messages about your computer; make sure your own virus protection software is in place and up to date; and never give out your personal information while surfing the web, unless you know exactly where it's going.