People who get their regular dose of news from the New York Times website were recently told to be careful when browsing through the said site as malicious advertisements—also known as “malvertisements”—are found on its pages and are displaying pop-up windows that falsely report malware infections on their systems.
As reported in detail by Trend Micro researcher Rik Ferguson in the Counter Measures blog, the New York Times issued warnings through both Twitter and its website’s front page about malvertisements that trigger the display of a malicious pop-up window. The said pop-up window displays the typical fake antivirus warning indicating malware infection. This forces the affected user to purchase a full version of a rogue antivirus software. Of course, the reported infections are in reality nonexistent. The alarming messages are mere distractions to convince the user into giving away important information.
Not only is good money wasted on purchasing a useless software. Important information such as credit card details are also compromised and made available to cybercriminals.
However, this attack turns out to be short-handed when placed against the Smart Protection Network. Not only are the fake antivirus software used so far already detected as TROJ_FAKEALE.SMF and TROJ_FRAUDPAC.LH; the URL to which the malvertisement redirects to is also blocked. These prevent the whole infection process from even starting.
Other users are advised to ignore such pop-up messages.