The criminal farce that is Google and their fake advertising empire is
exposed in this article.  It shows how easy it is to leverage Google's
adsense system to perform browser-based exploitation.

Its bad enough that Google earns revenue mainly through fraudulent
botnet pageviews and clicks, fleecing ignorant advertisers of billions
of dollars a year.  Advertisers who know nothing of the underground
world of botnets, and google works hard to keep it that way.

At the end of this story you will find a list of google hosts that you
can enter into your Windows or Android HOSTS file.  This will prevent
your device from accessing and participating in google's advertising and
tracking system.  

Starve this beast.  Be a part of the solution - not part of the problem.

And thanks to Google itself for being so stupid as to host this post and
make it available on your own lame interface to usenet (something you
ignorantly call "google-groups" as if you invented and own it).  It will
allow those less knowledgable about usenet to be able to take measures
to protect themselves from you and the vulnerabilities that you present
to web users as they browse the internet. 

By hosting this information about your HOSTS entries, you are helping to
distribute the very information and knowledge that will aid in your own
economic destruction.  And you so well deserve it.

==========================

Google nixes widespread malvertising attack

Webmasters were flummoxed when their sites redirected to fraudulent
websites hawking products

Jan 15, 2015

Google has stopped a widespread malicious advertising attack that
bounced Web surfers to dodgy sites hawking weight loss and skin care
products.

The malicious ads were delivered to website owners signed up with
Google's AdSense program, wrote Denis Sinegubko, a senior malware
researcher with Sucuri, a Delware-based security company. AdSense
supplies relevant banner advertisements to websites.

When displayed, the malicious advertisements automatically redirected a
person's browser to bogus websites. Those websites were designed to look
like legitimate magazines such as Forbes and Good Housekeeping,
featuring spammy offerings for anti-aging and brain-enhancing products,
among others, Sinegubko wrote.

The attacks persisted since mid-December, spiking last Friday before
Google apparently eliminated the malicious advertisements over the
weekend, Sinegubko wrote. The problem generated a large number of
questions and comments on Google's AdSense help forum.

https://productforums.google.com/forum/#!topic/adsense/szfNNkPrkLI%5B1-25-false
%5D

The type of attack, known as malvertising, has been an ongoing problem
for online advertising companies. Scammers will often submit
non-malicious ads for approval then swap those out for malicious ones.

Google says that AdSense content is "reviewed by real people and clever
machines" before appearing on websites. But the system doesn't appear to
be foolproof.

In the AdSense support forum, Google moderators acknowledged the issue
and said they were working to block the malicious ads.

Sinegubko wrote that the fake magazine websites were hosted on three
domains, none of which show any content if viewed directly. The three
domains were only just registered in mid-December, he wrote.

Some affected website owners figured out which advertisements were
causing the problem. Banner advertisements that run on a person's site
can be reviewed through an AdSense control panel called "Ad Review
Center" and blocked if necessary.

Viewed through there, the malicious ads still redirected, giving
webmasters a clue as to which ones were problematic.

Two campaigns were identified as malicious, although it was unclear if
the accounts running them had possibly been hijacked by the scammers.

A broader issue is whether Google can control advertisements with
third-party scripts that cause unauthorized redirects, Sinegubko wrote.

"If Google doesn't control scripts in their ads, AdSense may eventually
turn into the largest malvertising platform despite of the still
prevailing opinion that Google Ads are probably the most safe ad network
out there," he wrote.

http://www.infoworld.com/article/2870790/security/google-nixes-widespread-malve
rtising-attack.html

====================

Cut and paste the following into your device's hosts file.  If you don't
know what a hosts file does, or where to find it on your system, why not
use google to search for "hosts file" and learn what this file does and
how to modify it on your device.

127.0.0.1  googleads.g.doubleclick.net
127.0.0.1  tpc.googlesyndication.com
127.0.0.1  pagead2.googlesyndication.com
127.0.0.1  www.googletagmanager.com
127.0.0.1  www.googletagservices.com
127.0.0.1  www.google-analytics.com
127.0.0.1  cbks0.google.com
127.0.0.1  mt.googleapis.com
127.0.0.1  mt0.googleapis.com
127.0.0.1  ssl.google-analytics.com
127.0.0.1  jqueryjs.googlecode.com
127.0.0.1  themes.googleusercontent.com
127.0.0.1  imasdk.googleapis.com
127.0.0.1  mt1.googleapis.com
127.0.0.1  www.googleadservices.com
127.0.0.1  pagead2.googlesyndication.com
127.0.0.1  www.google.ro
127.0.0.1  redirector.c.googlesyndication.com
127.0.0.1  oauth.googleusercontent.com
127.0.0.1  accounts.google.com
127.0.0.1  www.googleapis.com
127.0.0.1  domains.googlesyndication.com
127.0.0.1  tpc.googlesyndication.com
127.0.0.1  googlesyndication.com
127.0.0.1  redirector.c.googlesyndication.com
127.0.0.1  suggestqueries.google.com
127.0.0.1  www.googletagmanager.com
127.0.0.1  www.googletagservices.com
127.0.0.1  base.google.com
127.0.0.1  partner.googleadservices.com
127.0.0.1  gp6.googleusercontent.com
127.0.0.1  google-analytics.com
127.0.0.1  safebrowsing.clients.google.com
127.0.0.1  frinitetourny.googlecode.com
127.0.0.1  ajaxlibs.googlecode.com
127.0.0.1  star-project-1.googlecode.com
127.0.0.1  gg.google.com
127.0.0.1  id.google.ca
127.0.0.1  id.google.com
127.0.0.1  www.google-analytics.com
127.0.0.1  www.googleadservices.com
127.0.0.1  chart.googleapis.com
127.0.0.1  foo.sandbox.google.com
127.0.0.1  plusone.google.com
127.0.0.1  plus.google.com
127.0.0.1  www.google-analytics.com
127.0.0.1  www.googleadservices.com
127.0.0.1  yt3.ggpht.com
127.0.0.1  fusion.google.com
127.0.0.1  ssl.google-analytics.com
127.0.0.1  plus.google.com
127.0.0.1  googleapis.com
--- NewsGate v1.0 gamma 2