The New York Times was hit with an unauthorized ad that forcibly redirected visitors to a site purporting a "free" online antivirus and a not so free cure for the virus it will inadvertently detect. In fact, I wrote about this rogue malware trend [1] just a couple of months back.

In this instance, the offending popup apparently found its way to its site via a "bait and switch" method, where a legitimate ad that was approved earlier got swapped out in place of the malicious one over the weekend.

In a statement, Diane McNulty, executive director of Community Affairs and Media Relations, wrote, "As soon as we were made aware of the situation, we took aggressive steps, suspending all third-party advertisements on the site." According to McNulty, they have taken steps to prevent a reoccurrence.

This incident was of particular note due to the profile and traffic that the New York Times site receives, though I won't be surprised if similar schemes haven't been successfully hatched against other sites. Ultimately, I see this as yet another indication of just how lucrative rogue malware can be, as well as represents an interesting blend of traffic redirection and exploitation of a well-known or trusted site.

It is not known how much of a financial hit the NYT site took, in terms of lost revenue, as it grappled with the problem, though the steps taken show just how complex it can be to unravel attacks using embedded code.

For more on this story:
- check out this article [2] at CNET News

Related Articles:
Rogueware, the new malice in malware [3]
New worm attacks unpatched WordPress blogs [4]
Men far worse than women on password security [5]
Conficker still lurks on the Internet [6]