
Virus Writers Taint Google Ad Links

Virus writers have been gaming Google's "sponsored links" -- the paid ads shown alongside search engine results. They are aiming to get their malicious software installed on computers whose users click on ad links after searching for legitimate sites such as BBBonline.org, the official Web site of the Better Business Bureau.

Sponsored links allow customers to buy advertisements attached to a particular search term. When a Google user enters a term into the firm's search engine, the ad belonging to the advertiser that bid the highest price for that search term appears at the top of the list of search results.

According to a report at Exploit Prevention Labs, while the top sponsored links that showed up earlier this week when users searched for "BBB," "BBBonline" or "Cars.com" appeared to direct visitors to those sites, they initially would route people who clicked on the ads through an intermediate site. The intermediate site attempted to exploit a vulnerability in Microsoft Windows to silently install software designed to steal passwords and other sensitive information from infected PCs. The attackers exploited a flaw in Microsoft's Internet Explorer Web browser, a problem that the company issued a patch to fix last June.

As Exploit Labs's Roger Thompson notes in his blog, the bad guys behind the attack appeared to capitalize on an odd feature of Google's sponsored links. Normally, when a viewer hovers over a hyperlink, the name of the site that the computer user is about to access appears in the bottom left corner of the browser window. But hovering over Google's sponsored links shows nothing in that area. That blank space potentially gives bad guys another way to hide where visitors will be taken first.
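
The check below is an added example, not code from Exploit Prevention Labs or Google. It flags a link whose first hop is not the site it displays, or whose mouseover handler writes to the status bar (an assumed way of blanking hover text); the record fields `shown`, `href` and `onmouseover` and the sample links are constructed.

```javascript
// Added example: audit ad links for a hidden or mismatched destination.
// The link records below are constructed sample data, not captured ads.
const sampleAds = [
  { shown: "www.bbbonline.org", href: "http://www.bbbonline.org/", onmouseover: "" },
  { shown: "www.bbbonline.org", href: "http://redirector.example/r?to=bbbonline.org", onmouseover: "" },
  { shown: "www.cars.com", href: "http://www.cars.com/", onmouseover: "window.status=''; return true;" },
];

// Normalise a host for comparison: lower-case, drop a leading "www.".
function normHost(host) {
  return host.toLowerCase().replace(/^www\./, "");
}

// Return the reasons a link deserves a closer look (empty array = none).
function auditLink(ad) {
  const reasons = [];
  let target;
  try {
    target = new URL(ad.href);
  } catch {
    return ["href is not a valid absolute URL"];
  }
  // Reduce the displayed text to a bare host name.
  const shownHost = normHost(ad.shown.replace(/^[a-z]+:\/\//i, "").split("/")[0]);
  const realHost = normHost(target.hostname);
  // The first hop must be the advertised site or one of its subdomains.
  if (realHost !== shownHost && !realHost.endsWith("." + shownHost)) {
    reasons.push(`first hop is ${realHost}, not ${shownHost}`);
  }
  // A handler that writes window.status can blank or fake the hover text.
  if (/\b(window\.)?status\s*=/.test(ad.onmouseover || "")) {
    reasons.push("mouseover handler rewrites the status bar");
  }
  return reasons;
}

// Audit a whole list of ad records.
function auditAll(ads) {
  return ads.map((ad) => ({ shown: ad.shown, reasons: auditLink(ad) }));
}

console.log(auditAll(sampleAds));
```

A clean first hop does not rule out a later server-side redirect, so this only covers what is visible in the page itself.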

According to Thompson, Google has taken down the offending sponsored links. In fact, searching for "betterbusinessbureau" in Google no longer turns up any sponsored links at the moment.

This certainly is not the first time virus writers have used ads to spawn their wares. Last summer, Security Fix discovered that more than a million Windows users had been infected with spyware thanks to a malicious banner advertisement shown for several days on high-traffic sites like MySpace.com and Webshots.com.

By Brian Krebs | April 25, 2007; 11:35 AM ET | Latest Warnings

Comments

Is there a way to protect yourself, besides not clicking on the ads? I assume that having a comprehensive security suite from a good company like Anonymizer helps, but other than that and not clicking, is there anything else you recommend? Thanks.

Posted by: Security | April 25, 2007 1:55 PM

I believe that...
"The attackers exploited a flaw in Microsoft's Internet Explorer Web browser, a problem that the company issued a patch to fix last June."
...means that if you have properly patched and updated you should not fall victim to this particular issue.

Posted by: David S | April 25, 2007 3:09 PM

Well, what's next? I'm not surprised by this at all. Why don't these malicious hackers find something a little more creative and worthwhile to do with their time, like create another Web 2.0 site? After all, everyone is doing it!

Posted by: David Ward | April 25, 2007 3:13 PM

Why does Google disable a hyperlink's target from being displayed in your browser's status bar?

Posted by: Internet Strategy Blog | April 25, 2007 3:16 PM

I think this post could go hand in hand with a report earlier this month by Fortiguard that a number of blogger.com blogs were also infected with malware:

http://www.fortiguardcenter.com/advisory/FGA-2007-04.html

There is really no widely available way to check the code of a blogspot blog to see if it is infected. If you host a blog on your own server you can check the logs to see if any files have been changed. You can also save a copy of your html file and scan it with virustotal.com, but a lot of the latest worm variants have not been included by most of the virus scan software.

Posted by: PJ | April 25, 2007 3:33 PM

I had all the latest patches downloaded from Windows Update, my AdWords account was slammed with 60k in charges in less than 12hrs yesterday.

Posted by: GL | April 25, 2007 4:15 PM

RE: Is there a way to protect yourself ...

Probably using a web browser other than the one affected (Microsoft Internet Explorer, that is) will do.
You may want to try Firefox.

Posted by: tuck-tuck | April 25, 2007 4:47 PM

I use the Customize Google extension to Firefox. It seems like it might help a bit in this situation, though I am not sure.

Posted by: A | April 25, 2007 6:31 PM

Re: How to protect against. Use one of the safe surfing apps. I think LinkScanner ( http://www.explabs.com/products/lspro.asp - they have a free version too) from Exploit Prevention Labs is best. Or better yet, Google and Yahoo should use something like LinkScanner so that malicious hyperlinks are disallowed before they're posted.

Posted by: mark | April 25, 2007 6:31 PM

Apart from staying current with security patches, McAfee has a free toolbar add-in that helps. SiteAdvisor will place an icon to the right of the search result or AdWords entry. This will help if SiteAdvisor has already reviewed the site. I have seen examples for AdWords advertisers where they have displayed a red X indicating they have an issue with the site.

While this method helps spot problems, it won't catch all the bad guys especially if they use redirects.

Posted by: Anne H | April 25, 2007 6:35 PM

You people miss the point. World's largest, most popular web ad broker allows their system to be compromised by lowest form of online entities.

It is not IE vs Firefox issue. It is the serious lack of quality control at that system.

Posted by: Ilgaz | April 25, 2007 8:46 PM


"You people miss the point. World's largest, most popular web ad broker allows their system to be compromised by lowest form of online entities.
It is not IE vs Firefox issue. It is the serious lack of quality control at that system."

I think you miss the point. These people clicked on an ad on the web, using an insecure browser that needed updates. (Even with the updates it's still extremely insecure. Fact.)

Anyway, I doubt that the people who search on Google, but click a sponsored link instead, have any idea what they're doing. They thought it was a search result and didn't verify where they were being linked to. They deserved it.

I am disappointed that google is doing business with these scum. Certainly.

But the real problem is the ignorant, self destructive behavior on the web; failing to do necessary maintenance for Windows and IE; and using poor quality software for no good reason.

When I started using Netscape they had the majority marketshare. Then I used Opera which had next to none. It's not about the underdog status. In fact I'm kind of annoyed at over 90% of US web users all of a sudden.

Posted by: Steve T | April 25, 2007 9:21 PM

For a second I thought that guy said...
World's largest, most popular web BROWSER allows their system to be compromised by lowest form of online entities.

Hmmm

Posted by: Steve O | April 25, 2007 9:23 PM

I have a solution, how about never use IE ever again and never use a pc ever again.
Firefox and Mac save lives.

Posted by: dimi | April 25, 2007 9:50 PM

Brian, just a suggestion: Is this headline really correct, "virus writers"? Seems to me virus writers are a completely different category of bad guy than the bad guys doing the crimeware exploits who are out to make a buck. Virus writers don't typically profit from their work.

Posted by: Anon | April 25, 2007 10:00 PM

Following on to Anon's observation, I've been tiring of hearing the term "bad guys". I've taken to calling them "criminals" or at least "crooks"? Whether they are out to make a buck or just trying to show their prowess, it seems to me they are stealing, wasting, or abusing resources. Also, "criminals" is gender-neutral. ;-)

Posted by: SecureGolfer | April 25, 2007 11:05 PM

The easiest way to protect yourself is to not click on the ad, but rather copy and paste the link into your browser. I especially encourage this behavior when it's one of my ads ;-)

Posted by: MIddle Management | April 25, 2007 11:47 PM

Live virus free online and offline just by using Firefox. I have been using Firefox way before I was on a Mac and you can tell instantly you notice the difference. It's even better if you're on a Mac and using Firefox. Safari on the Mac is great too but some sites don't want to support it so I just to the fox.

ironworksent.com/proaudiogear

Posted by: uway | April 26, 2007 1:17 AM

How to protect yourself from fraud, viruses, and other computer related abuses:

1. Don't use Microsoft or any non-free solutions when you have a choice (http://www.fsf.org/)

2. DO complain when you have no choice! Tell your employer, service provider, or whoever else it is that does not cater to "free" and open standards that you are looking at other alternatives (jobs/services/products). Point to GNU/Linux and other free ("open source") software.

I have turned down employment over the issue twice now and been all the better off for it. You may not always be in a position to take it to this extreme, but I am in a position to do it and so I have!

Just to point out why GNU/Linux is better than Microsoft Windows for security reasons (and it has nothing to do with number of users):

1. GNU/Linux distributions will update any software that is vulnerable. Microsoft's automatic update only works with Microsoft Software.

2. Microsoft Windows has no central authority for software. This makes it difficult to try out new software since you don't know it is trustworthy. GNU/Linux distributions maintain software repositories so trying out new applications is safe.

3. GNU/Linux distributions are by default more secure- Microsoft still fails to install software safely based on user/administrator privileges. Apple, GNU/Linux and others have done this safely for years.

Posted by: Jack | April 26, 2007 2:47 AM

If you're not technical you can get an easy to use GNU/Linux system with the Linspire version of the operating system. This version is easy to use in comparison to most GNU/Linux versions. The only downside to it is you're not completely liberated of non-free software (it is 90% free). It is a huge step in the right direction and I highly recommend it if you're using Microsoft Windows currently.

You can get these systems from:
http://www.koobox.com
http://www.microtelpc.com/Default.aspx?tabid=281

among many others...

You can download a free edition from: http://www.freespire.org

If it doesn't work, or work well- buy a GNU/Linux system because many systems are not fully compatible and your user experience will undoubtedly suffer.

Posted by: Jack | April 26, 2007 3:05 AM

@Jack
Using Linux is not the solution, because if you don't patch Linux you're vulnerable in the same manner as if you don't patch Windows.

Posted by: carsd | April 26, 2007 4:18 AM

Have you looked at the screenshot on this article? http://blog.washingtonpost.com/securityfix/gnh.html
Who is the stupid guy that disabled IE7's protected mode?

Posted by: carsd | April 26, 2007 4:21 AM

Just block ads like I do.

I am unwilling to allow ANY ads because you never know which ones are a security risk.

Ad Muncher blocks ads in ALL browsers so I don't have to worry regardless of the browser I happen to be using at any given moment.

Until there is no more risk I'll continue to block ads. (read: "forever")

Posted by: Mark | April 26, 2007 6:54 AM

In most cases OpenDNS might prevent you from going on such a malicious "look alike site". It's by far not the only security measure to take to protect yourself on the internet, but it's one that is easy and free.

www.opendns.org

Posted by: OpenDNS | April 26, 2007 7:08 AM

Google can be part of the solution. Why not scan the content of ad sites for malware? See the post on Google as a potential security vendor at http://www.realtime-websecurity.com/market_news_and_trends/2007/04/when_will_google_get_into_secu.html

Posted by: DES | April 26, 2007 7:24 AM

Ubuntu and forget about all this.

Posted by: Linux | April 26, 2007 8:00 AM

This has been going on for well over a year within the World of Warcraft "3rd party" gold suppliers. They buy ads attached to wow, ppl click and get infected, accounts are stolen and resold, or gutted. Often times they have such ads listed directly on many of the communities websites, due to google ads heavy usage.

nice to see the concept is branching out.

Posted by: j | April 26, 2007 9:11 AM

Firefox extension CustomizeGoogle is now updated with a fix to this problem. All users of this extension (it has more than 5 million downloads) will now be able to see the URLs of the sponsored ads when hovering over them. http://www.customizegoogle.com

Posted by: CustomizeGoogle | April 26, 2007 9:25 AM

get the updates with Windows Update automatically and you're safe with IE7

Posted by: campezi | April 26, 2007 11:05 AM

As a site owner who earns profits from ads on my site, this hurts me because now visitors will be more likely to avoid clicking on ads for fear of a virus.

These virus writers hurt everyone!

Posted by: John | April 26, 2007 12:29 PM

Who is at fault? The bloody criminals who attempt to scam legitimate Internet users.

Who can do something about mitigating this risk? Google (check advertiser veracity and quality) AND Internet users (use patched operating systems and secure browsers). And what about our law enforcement agencies? I sure hope that somebody in 'homeland defense' has realized that Internet security can be just as important as guarding the borders.

Posted by: C.B. | April 26, 2007 12:49 PM

One security measure that should be mentioned more frequently, and that would have prevented this exploit (if the offending URLs were included), is using the "Hosts" file to prevent access to these websites.

http://www.mvps.org/winhelp2002/hosts.htm

This MVPS HOSTS file is a free download. Instructions at the website are easily followed. The current file does block access to one site that I use (care2.com), for incomprehensible, to me, reasons. But that is easily corrected by commenting out the entry in the file.

Posted by: Jim Pivonka | April 26, 2007 4:31 PM
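
The hosts-file approach in the comment above, as an added example that is not part of the original comment or the MVPS project: it parses hosts-format text, reports whether a name is sinkholed, and comments out an entry as the commenter describes for care2.com. The sample entries and function names are constructed for illustration.

```javascript
// Constructed sample in hosts-file format (not the MVPS list itself).
const sampleHosts = [
  "# sample blocklist",
  "127.0.0.1  localhost",
  "127.0.0.1  ads.badsite.example   # constructed entry",
  "0.0.0.0    care2.com",
  "#127.0.0.1 already-disabled.example",
].join("\n");

// Addresses commonly used to send a blocked name nowhere.
const SINKS = new Set(["127.0.0.1", "0.0.0.0"]);

// Parse one line into { ip, names }, or null for blank and comment lines.
function parseLine(line) {
  const body = line.split("#")[0].trim();
  if (!body) return null;
  const [ip, ...names] = body.split(/\s+/);
  return { ip, names: names.map((n) => n.toLowerCase()) };
}

// True when the hosts text maps `host` to a loopback or null address.
// Matching is exact: an entry for care2.com does not cover www.care2.com.
function isBlocked(hostsText, host) {
  const h = host.toLowerCase();
  return hostsText.split(/\r?\n/).some((line) => {
    const e = parseLine(line);
    return e !== null && SINKS.has(e.ip) && e.names.includes(h);
  });
}

// Comment out every active line that names `host`; other lines are untouched.
function unblock(hostsText, host) {
  const h = host.toLowerCase();
  return hostsText
    .split(/\r?\n/)
    .map((line) => {
      const e = parseLine(line);
      return e && e.names.includes(h) ? "# " + line : line;
    })
    .join("\n");
}

console.log(isBlocked(sampleHosts, "care2.com"));                       // true
console.log(isBlocked(unblock(sampleHosts, "care2.com"), "care2.com")); // false
```

Because matching is by exact name, a blocklist only stops an intermediate site that is already listed under the host name the ad actually uses.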

Why not update your Windows & IE patches (or others for the Linux/Mac crowd), AND use scanners like the one from the guys who discovered this hack in the first place ( www.explabs.com )? CA PestPatrol and McAfee make good second-line defenses from spyware too.

Posted by: Steve | April 26, 2007 10:54 PM

It is not Google's problem. Surfers could easily get the malicious software by following a link on another page. It is the browser's problem. The browser must secure the user from "bad guys" no matter where the link was clicked.
- http://www.zubrag.com

Posted by: zubrag | April 27, 2007 12:13 PM

Brazilian pirates already employed this trick more than one year ago!
See:
9/1/2006 - Golpistas usam Google para fraudar contas bancárias (Scammers use Google to defraud bank accounts)
http://www.infoguerra.com.br/infonews/viewnews.cgi?newsid1136817105,89743, (br)

http://www.zone-h.fr/fr/news/read/id=122/ (fr)

Posted by: plop | April 28, 2007 3:49 AM

@ Linux

"Ubuntu and forget about all this."

Amen, brother.

Posted by: JD | May 1, 2007 1:37 PM

The reason why Firefox would help with this is because it has a checkbox "Allow scripts to change status bar text" that you can UNcheck to defeat this kind of obfuscation.

Posted by: Lawrence D'Oliveiro | May 1, 2007 8:48 PM

It *IS* Google's problem. First, it is (obviously) a significant PR gaffe for them. Second, a high-profile Google Ad has far more viewers (and potential clickers) than a similar link on almost any other web page in existence.

They really should do some pro-forma link-scanning...

Posted by: X the Unknown | May 1, 2007 9:05 PM

Someone please help, I have gotten this virus. I don't know how to get rid of it. I have Symantec (one of the best anti-virus protection softwares out there) and I still can't fix it. I am very computer savvy, and if someone could direct me into how to remove it manually, I would greatly appreciate it.

Posted by: Hey | May 4, 2007 12:10 AM

HEY!!! WASHINGTON POST!!! WAKE UP!!!

EXAMINE YOUR BLOG -- IT'S GETTING SPAMMED BY HOLUND ELEKTRONIKK HONG KONG.

Posted by: Joe Bogus | May 15, 2007 10:45 AM

The comments to this entry are closed.

 
 

©  The Washington Post Company