OVER the weekend, some visitors to the Web site of The New York Times received a nasty surprise. An unknown person or group sneaked a rogue advertisement onto the site’s pages.

The malicious ad took over the browsers of many people visiting the site, as their screens filled with an image that seemed to show a scan for computer viruses. The visitors were then told that they needed to buy antivirus software to fix a problem, but the software was more snake oil than a useful program.



Exploiting weaknesses in online ad systems is an increasingly common approach for computer criminals around the globe who hope to make a quick buck from the audiences of the sites they attack. Experts say the problem is likely to get worse as companies scramble to satiate a click-happy online culture.

“The development of multimedia ads, mini-applications and social networking tools is far outpacing the speed of the thinking process about the security that goes into those applications,” said Joe Stewart, a director of malware research at SecureWorks, a security services company.