A couple of weekends ago, I was doing exactly what most computer users do in their free time. I was sitting front of the computer, visiting sites that I have no business with. One site led to another and I eventually started looking for some old friends I had lost contact with over the years. One such search led me to Spoke.com, a business networking site. Using the Spoke search box soon had me believing that my computer might be infected and I would soon need to scan it for malicious programs. OK, I didn't really believe it because I was laughing a bit too much, trying to understand what the "warning" was trying to tell me:

Infected computers will suffer "freezes and creahes"? That sounds nasty.
The user profile pages displayed an advertisement, hosted on Spoke.com, which was redirecting users to a link on iexplorer-security.org (a site registered in the Russian Federation). This link, in turn, eventually led to XP Antivirus, an application that exaggerates threats on a computer in order to convince the user to make a purchase.

About 24 hours after this surfing experience, I alerted Spoke.com about the malicious advertisement on their site and they had it promptly removed. The malicious SWF advertisement file might have been removed from one networking site, but it continues to show up on other sites, as reported by MSMVP Sandi.
I thought about putting in the customary "safe computing" advice in here, but then I decided against it. The fact that you’re still reading this entry is reason enough to believe you do (or at least try) to follow those guidelines.


More...