Content Spoofing

WHID 2009-41: Malware in Advertising at Digital Spy

Updated: 3 June 2009

The Register reports that Digital Spy, a high-profile UK gossip site, carried malicious banner ads. Digital Spy has acknowledged the issue and said it promptly addressed it; however, details on the source of the malicious banners are still not available.

Malware distribution through ad programs is a borderline phenomenon. While there is no question that malware distribution is malicious, and in most geographies illegal, in many cases the site owners are not technically responsible for the content of the ads they serve, as the ad content comes directly from a third party. The question of whether they are legally responsible is open.

Another issue is defining malware. Ads are often used to entice users to download and install questionable programs. A rootkit installed through a known browser vulnerability is malware; however, the distinction between adware and malware is often blurred and depends on:

  • The ratio between benefit to the user and benefit to the software distributor,
  • The clarity with which the benefit to the software distributor is explained to the user, and lastly:
  • The legality of this benefit

 

 

WHID 2009-33: eBay Fraud Abuses Zero Day XSS

Updated: 10 March 2009

A zero-day XSS vector enabled hackers to include arbitrary code in an eBay offer, code which is executed by both Firefox and IE. As a result, they were able to spoof the content of the offer, so that the user saw different information than the details known to eBay.


WHID 2009-15: Kanye West has been Hacked

Updated: 2 February 2009

Hacking of celebrities' web presence is topping the 2009 incident list, and rappers seem to lead. However, this report in the Ampersand, like the Lil Kim story from the same week, is somewhat questionable. In both cases it seems that uncomfortable content was blamed on hacking.

West's story is somewhat ironic as he used his blog to remind users of the untruthfulness of his web presence.

When reviewing all the rappers' incidents, my conclusion is that they are more susceptible to content spoofing because it is much easier for hackers to imitate their language and style.

WHID 2009-14: My.BarackObama.com Infects Visitors With Trojan

Updated: 2 February 2009

Websense reports that my.barackobama.com, an open blogging service which is part of Obama's campaign web site, has been used to point users to content that infects them with malware.

The scam is a good example of the dangers of Web 2.0 user-generated content and mashups. There was no malicious code on Obama's site itself; however, permitted HTML code that looked like an embedded YouTube video pointed to an external site which carried the malware.

WHID 2009-13: Wikipedia Biography Hacking

Updated: 2 February 2009

This incident might not have gotten into the Web Hacking Incident Database a year ago. However, a heated discussion on the Web Application Security Consortium threat classification project reminded me that content spoofing is a potent attack vector by itself, actually one of the most dangerous there.

A wiki is one of those platforms that by design allow content to be changed. That is its philosophy, and Wikipedia is the premier wiki out there. It is not a surprise that it is a prime target for content spoofing, as shown by the story about the unexpected demise of two US senators during Obama's inauguration.

You can read more about the unique security philosophy of Wikis in my recent article and presentation about the subject.

WHID 2009-8: Wired.com Image Viewer Hacked to Create Phony Steve Jobs Health Story

Updated: 24 January 2009

John Abell from Wired magazine often writes about the health of Apple's CEO. However, this report about Jobs suffering a cardiac arrest was neither his nor true. The culprit was Wired's public image viewing utility, which let people upload an image and then presented the image as part of the Wired web site, banner and domain included.

This is a wonderful example of a web application design flaw. There was nothing wrong with the code; however, the design of the feature enabled it to be abused.
