The website of the New York Times was hit with a malicious attack over the weekend, serving readers with advertisements for fake antivirus software.
It is believed that hackers broke into the server that hosted banner advertisements for nytimes.com to ensure that the site served up advertisements that encouraged users to download antivirus software that claimed to remove malware from a user’s PC, even though it did not exist. The publication claimed that the banners were the result of an “unauthorized advertisement”.
Surfers visiting www.nytimes.com over the weekend were confronted by malicious pop-up window that falsely warned that their systems were infected. The ruse was designed to scare people into buying a clean-up utility of little or no value.
“Some NYTimes.com readers have seen a pop-up box warning them about a virus and directing them to a site that claims to offer antivirus software,” read a statement posted on nytimes.com. “We believe this was generated by an unauthorized advertisement and are working to prevent the problem from recurring. If you see such a warning, we suggest that you not click on it. Instead, quit and restart your Web browser.”
The New York Times is not the first high-profile media publication to have been targeted by hackers in the past, the the Daily Mail, Digital Spy and ITN have all been subject to attacks that has resulted in their sites serving up advertisements for various forms of malware. Similar attacks have also affected Google AdWords, Yahoo, MLB.com, MySpace and photo bucket.