Malware Attack By Innity Ads On Mozilla Firefox and Google Chrome

UPDATED (20th September 2010, 11pm – GMT+8:00)

Innity has clarified their issues and took swift action is trying to solve the problem..As quoted from Innity’s Announcement Page as of 20th Sept 2010, 6.20pm (GMT+8) :

Google has now completed a review of our domain and certified that http://innity.net/ has now been re-activated and has passed all checks.

We at Innity though are still looking to enforce additional layers of checks and confirmations before reinstating all advertising scripts so please bear with us and we will notify you in the next 24 hours to put up our ad scripts again.

Furthermore, if your site is still currently blacklisted and you are having difficulty getting it reinstated, please drop us an email with your site details to report-malware@innity.com with a copy to marketing@innity.com and we will complete this process for you as quickly as we can.

For further updates you can proceed to Innity : Announcement..

==================================================================

I bet many of you have heard of and also never heard of Innity Ads..

Unlike Nuffnang and Advertlets where both companies aiming at blog advertising, Innity Ads target more on corporate websites, or so I heard..

As quoted from Innity’s website..

Innity Ad Network is a South East Asia network of premium quality news, editorial and entertainment websites that reaches more than 200 million consumers regionally, with over 2.1 billion ad impressions monthly.

Innity Premium Network campaigns are designed to provide high profile brand exposure with no limits on specific placement sites or creative structure on selected premium content publisher sites.

It’s presumed at about Malaysian Time (GMT+8:00) 5pm, September 19th 2010, more than 500 sites contained Innity Ads have been labeled as harmful as it is listed as suspicious..

The time of attack can be confirmed by the Google Safe Browsing diagnostic page for rojaks.blogspot.com, where it’s updated 12 hours ago at the time this blog post is being written, 5am..

innity rojaks malware
*Printscreen of the page at Malaysian Time 5am, 20th September 2010*

In that page it’s also clearly stated that malicious software is hosted on 1 domain(s), including innity.net..

Here’s a printscreen of rojaks.blogspot.com where you can’t view it on Mozilla Firefox or Google Chrome browsers but they are working fine on Internet Explorer and Safari..

rojaks innity malware attack
*rojaks.blogspot.com on Mozilla Firefox*

Here’s a printscreen of rojaks.blogspot.com on Google Chrome..

rojaks-chrome innity malware attack
*rojaks.blogspot.com on Google Chrome*

Using Internet Explorer is pretty fine, well I don’t know why as I’m not a tech guy but here’s a proof, visiting the blog at the same time..

rojaks-iinternet explorer innity
*rojaks.blogspot.com bearing the Innity Ads banner*

So the question is what causes the “malware attack” that prevented those sites having Innity Ads from being visited?

After some research and discussion with Joshua, we found out that Innity is not at fault for causing the malware attack that paralyzed those blogs and websites..

If you visit Innity.com you will safely enter the site without any warning at all..But when we tried Innity.net, the warning page appeared and we found a better source of it..

innity-page malware attack google

Quoted from Google Safe Browsing diagnostic page for innity.net says..

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, innity.net appeared to function as an intermediary for the infection of 3 site(s) including yiela.com/, insurance.us/, lintasberita.com/.

Other than the 3 mentioned sites, we also know that The Star is actually running Innity Ads but they have solved it pretty fast and The Star is working fine now..

But when Joshua searched on the Google Safe Browsing diagnostic page for thestar.com.my, it says..

What happened when Google visited this site?

Of the 902 pages we tested on the site over the past 90 days, 75 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-09-19, and the last time suspicious content was found on this site was on 2010-09-19.Malicious software includes 63 scripting exploit(s).

Malicious software is hosted on 3 domain(s), including 2117966.net/, cnjug.com/, innity.net/.

3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including skyad.net/, doubleclick.net/, innity.com/.

This site was hosted on 3 network(s) including AS10204 (ARCNET), AS17547 (QALA), AS2042 (ERX).

innity-thestar malware attack
*Printscreen of the page to support what I’ve quoted*

People started noticing this “attack” after some people tweeted bout it where you can search “innity” it on Twitter Search page..

Other than proofs from Google, DataKL Solutions also blogged about “Innity Ad Code Causing Reported Attack Page”..

Now don’t be surprised if you found out your blog/website appeared to be harmful :D

The solution is to temporarily remove the ad code in your blog/website by using Internet Explorer or Safari because these 2 browsers were not affected by the malware..

To date as of 6am, 20th September 2010, it’s reported that this malware has infected more than 644 domains including xaluan.com, cari.com.my, and gudanglagu.com..

Check out Joshua’s – Malware Attack on More than 600 Domains/Blogs/Sites With Innity Ad Code Affected..

19 thoughts on “Malware Attack By Innity Ads On Mozilla Firefox and Google Chrome

  1. Pingback: Malware Attack - More than 600 Domains/Blogs/Sites with Innity Ad Code affected | JOSHUAONGYS.COM

  2. Hi,

    We are aware of the current issue one may be facing with the Innity server and our technical team is working to get this rectified ASAP. If this issue is causing any inconvenience to your website/ the website of anyone you know, we suggest that you temporarily remove our ad scripts until further notification from our end.

    We sincerely apologize for the inconvenience caused and look forward to your continued support to Innity.

    Regards,
    Rhia
    (Marketing Manager – Innity)

  3. The current problem is affecting visitors using Firefox and Google Chrome.The above browsers are using Google service for malware detection, while we are working with Google review. The publisher can remove the warning message by temporarily taking down our tag, and sign up on Google Webmaster Tools and request for a review.

    For more details,click on http://www.innity.com/announcement/ or you can email us at report-malware@innity.com.

  4. Dear sir,

    Thank you for your article (p/s: I found it through SkyAd.net tag)

    Regarding the article below:

    http://www.wirespot.net/2010/09/20/innity-serves-malware-600-websites-blocked/

    Due to the circumstances above, if you are running the ads script from Innity, please take it out immediately as it will affect your site. Other than that, be diligent and take the necessary measures to change immediately the passwords to ALL your servers (DB, App, FTP; etc).

    However, if you are running SkyAd.net ads script, we already take the necessary precautions regarding this matter. As for now, our ads scripts are safe and will NOT affect our publishers in any way.

    Sincerely,

    Sarimah Samad
    Business Development Manager
    SkyAd Media Sdn Bhd

  5. Rhia >> Thanks for the clarification and prompt reply in helping those facing this problem :)
    Sarimah Ahmad >> Thanks for swift action on the precautions :)

  6. I think that what you said wass very reasonable. But, consider this, suppose yoou were to
    rite a killer headline? I mean, I don’t wish too tell you how
    to run your website, but what if you addced somethiing
    to possibly get a person’s attention? I mean Malware Attack By Innity Ads On Mozilla Firefox and Google Chrome |
    Thee Yat (One) And Onlyy JourneyThe Yat (One) And Only Journey is kinda vanilla.
    You might glance at Yahoo’s home page andd note how they
    create pst titles tto get people to click. You might add a video or a picture or two to grab readers
    excitd about what you’ve got to say. In my opinion, it could bring your blog a little
    livelier.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>