16 March 2016

Of Malware and Adware: Why Forbes Did Not Serve Me Malware

The topic of web-based advertising is always a hot topic for discussion, debate, and outright argument. One realizes that the Internet in which we've grown accustomed to is reliant on ads; after all, Google is an advertisement company.

In the recent past we've seen articles on malvertising targeted using Skype and more recently using the New York Times and BBC. Soon after, comparisons were made between these attacks and an incident I noted in January regarding Forbes.com. Those comparisons are ongoing, motivating me to write this post.

While Forbes did experience a malvertising event last year, these attacks are nowhere near the same as the event I posted in January. That people claim so shows a general lack of education, even among security practitioners, of malware vs adware vs PUP, and valid threats vs nuisances.

Forbes did not serve "malware" and cannot be compared to these incidents.

To explain this in detail, let's discuss how my event came to be.