Yesterday morning MarketingVOX ran an ad campaign containing a trojan-horse-like Flash mechanism that produced a pop-up ad for a fake "performance optimizer."
The campaign, which launched the 26th of December, tested fine — showing an ad for a multimedia technology called Sound F/X — and exhibited trojan horse behavior only after its launch.
MarketingVOX ran about 1,300 impressions of the ad before it was caught and terminated.
MarketingVOX trafficking staff was warned about Flash-based ruse campaigns after several incidents (like this and this) came to light over the past year and a half, where major publishers fell victim to spyware distribution schemes.
The trojan horse version of the ad attempted to get readers to voluntarily download a program that would allegedly scan a hard drive for spyware and other malware.
In fact, according to msmvps.com, the program reports exaggerated or fictional problems to get people to pay for a licensed service that purportedly cleans up the issues. Symantec offers information on the program (and how to uninstall it).
Msmvps.com indicated that NationalGeographic.com fell victim to the same ad campaign ruse in late November.
The campaign was placed with MarketingVOX by someone representing himself as Andrew Branton from ProximoGroup.com, a supposed interactive agency in Ontario, Canada. The domain name's contact information, however, contains a Slovenian address.
Calls to numbers at the firm forwarded to a full voicemail box.