So, a site associated with one I am in charge of seems to have an advertisement that has been downloading malware to people's computers, and no one there knows how to figure out which ad is doing it. They know it's not a locally-hosted ad, and is probably one being given through this national ad distributor that they use (and we don't, thank God).
Does anyone know a good way to figure out which advertisement is infected?
#2
Gared
Short of searching around the net to see if people are complaining about a specific ad, and then checking to see if that ad is one of the ads served by that distributor, the only thing I could think of would be a major pain in the ass - disable any proactive AV/AM software on your computer and visit the page over and over again, checking your system with a reactive AV/AM solution after each hit, until you find the one that's infectious.
#3
Dave
Do you use anything other than Google ads? If so, you'll need to go to the places where you got the ads and look at them individually. If i's Google you can damn well bet that they've already fixed the issue.
#4
strawman
Stop using that advertiser. They are either ignorant, and will let another one through the minute you figure out this one is bad, or complicit and are making money off infecting your user's computers.
Dump them. You can't play whack a mole with this sort of system, there are too many moles. It's very likely not just one ad, but several, and the minute you report which one it is and have it removed fro the service, another one will pop up right behind it.
