Lately,many domain names have been used in fake advertisements to push malicious code.
The Spyware Sucks Blog shows some examples.The first example was vonage-inc.com, which was clearly not established initially by Vonage. This domain appears already to have been transferred to Vonage, but others, incorporating the company names Adconion, Carat, Fox Media, Lacoste, Orange and Pubmatic are still controlled by the maladvertisers. The blog also provides guidance for the IP addresses used by the malicious ad domains.
A second Spyware Sucks entry warns about malicious traffic from gogomediacenter.com, sys17media.com and praharesorts.cn. These and other domains use JavaScript encoding to attempt to hide what they are doing.
For more details visit :
http://blogs.pcmag.com/securitywatch/2009/09/fake_advertising_domains_and_o.php
