I was reading an article on PCWorld’s website about the upcoming Google Chrome OS:


So far so good. Except that I inadvertently clicked on one of their sponsored links:


which ironically states “Here is all about spyware removal and even more.”

After a few redirects, my browser is hijacked by one of those FakeAV scanners:


Here is the HTTP traffic capture screenshot and log:



Most computer users will end up with this on their PC:


Third-party ads are the cause of a lot of problems. It does not matter how legitimate a site is, as long as it is referencing dynamic ads, it can expose its users to malware.

I usually never click on “Sponsored links” as I’m most likely not interested in such or such product. But a lot of people do because those links are relevant to the article (or the search). For every click, the website hosting the ad will receive some money, and more if the user “converts” (the user ends up buying whatever was promoted).

As a general rule, I would advise never to click on “Sponsored links” or ads that you see on a website. There is big debate about marketing: Does it fulfill a need people already had and never knew or does it create a need that never existed? I believe in the latter.

Then again, you may click on one by accident!

Taken From ‘malware diaries’