Microsoft's Malvertising Lawsuits Try to Find Hackers

By Joel Zand on September 18, 2009 | Last updated on March 21, 2019

Microsoft announced yesterday that it filed five (5) lawsuits (shown below) in Washington State court to try and learn the identities of people who used the company's adManager service to distribute malicious online advertising, better known as 'malvertising.'

According to Tim Cranton, Microsoft's Associate General Counsel, the malvertising operated under the business names of "Soft Solutions," "Direct Ad," "qiweroqw.com," "ITmeter INC." and "ote2008.info."

Cranton said that the malvertisements placed were used "to distribute malicious software or present deceptive websites that peddled scareware to unsuspecting Internet users."

Early this week the New York Times also fell victim to malvertisements that were reportedly displayed under the guise of Vonage ads.

Microsoft, through spokesperson Brianna Pinder at Waggener Edstrom in Portland, Oregon, did not answer questions about:

Whether these particular malvertisements specified in the lawsuits operated under any other operating system (OS) besides Windows;

Whether Microsoft tests all OS's once malvertisements on Microsoft's AdManager are brought to the company's attention, or only Windows OS;

Whether the malvertisements, trojans, and scareware alleged in Microsoft's lawsuits worked the same in all operating systems;

The civil suits appear to answer these questions quite clearly, however.

The different lawsuits allege, variously, that:

Microsoft is informed and believes...that Defendants have been--and are currently involved in--writing and distributing computer trojans targeted [sic] the computers and computer systems of businesses and consumers using Microsoft software, among others

* * *

Defendants operate a number of scareware websites...designed to resemble the look and feel of Microsoft's Windows Vista operating system.

* * *

Defendants misrepresentations include a list of purportedly detected "dangerous spyware" with "critical severity"...[and] the website generates a "Microsoft Security Warning" pop-up message that deceptively uses Microsoft's Marks to suggest that Microsoft is associated with the warning message."

But should Apple aficionados and Open Source users be concerned?

Although sophisticated malware can still affect Unix and Mac OS, neither OS appears to have been targeted by these particular malvertisers.

Don't get to comfy: hackers can still target "virtually ever operating system out there."

Cranton, Microsoft's lawyer explained Microsoft's position on why combating "illegal activity that undermines people's trust in the Internet and online services" is so important to their business: "It pays for free online services like Windows Live, Facebook, Yahoo and MSN."

Mark Zuckerberg and Carol Bartz, take note.

Here are Microsoft's five (5) new malvertising lawsuits that were filed in Seattle, Washington yesterday in Kings County Superior Court:

Microsoft maladvertisement lawsuit - Sept. 17, 2009 - Suit 5

Related Resources:

Bad Ad: Going After The Malvertising Threat, Microsoft's Tim Cranton (Sept. 17, 2009)
Microsoft files lawsuits against "malvertisers", Reuters (Sept. 18, 2009)
Microsoft sues five 'malvertising' perpetrators, Seattle Post-Intelligencer (Sept. 17, 2009)
Times Web Ads Show Security Breach, The New York Times (Sept. 14, 2009)