A Facebook game with more than 9 million users has been caught serving ads that try to trick viewers into installing malware.
Hundreds of users of Farm Town have reported seeing the ads, which falsely claim the user's PC is infected and can only be fixed by buying and running the anti-virus software being advertised, according to this forum. Farm Town developer SlashKey warned users to ignore the ads but failed to suspend third-party adverts, much to the anger of security experts.
"It may not be Farm Town's fault that a third-party advertising network is serving up malicious ads, but doing anything less is surely showing a careless disregard for the safety of its players," wrote Graham Cluley, a senior technology consultant at Sophos. "Until the makers of Farm Town resolve the problem of malicious adverts, my advice to its fans would be to stop playing the game and ensure that their computer is properly defended with up-to-date security software."
Rogue AV software like that advertised to Farm Town players has proved to be a bane to computer users. Such titles generate billions of dollars per year in revenue to fraudsters, while stealing credit card data and often planting backdoors on end-user's machines.
Over the years, The New York Times, MySpace, and scores of other sites have been caught serving ads that try to trick viewers into believing their machines are infected, often by displaying mock hard drive scans with a list of malicious files detected. The ads are usually the work of fly-by-night advertisers who trick advertising networks into distributing the sham banner ads.