Click here to Skip to main content
15,563,490 members
Please Sign up or sign in to vote.
1.44/5 (2 votes)
See more:
Dear friends,

MY Asp.net applications, bread winnders of the company, attcked by Malware Ads at some of our customer places. This is causing multiple problems.

1. Customers are thinking that these Ads are created by us.
2. Making users' life difficult to use the application.
3. Customers are not happy owning the application, due to Ads.

We throw a message saying that "We do not display any Ads of any sort. We request users to stick to right browsing practices" each week. But no serious advantage.


One customer on the affected computer, even demonstrated by opening www.google.com, wherein all Ads disappeared. When I open our Asp.net applications, All Ads reappeared. That was fully embarrassing.

Please help us some techniques so that Ads should not come and sit on top of it. Kindly help.

Umesh m.s.
Anush Infobase
Bengaluru, 'Karnataka, India
Posted
Comments
virusstorm 21-May-15 15:30pm    
Do these advertisements only appear at your client's location or do they appear at other locations as well.
Richard Deeming 21-May-15 15:40pm    
Are the ads being added to your database? If so, you've almost certainly written code which is vulnerable to SQL Injection[^].

The solution is to review all code which touches the database in any way, and make sure you're using properly parameterized queries.
Sergey Alexandrovich Kryukov 21-May-15 17:02pm    
It's impossible to teach such technique in few Quick Answers. Besides, it might be not your fault, but the fault of your hosting provider. We don't have enough information to find out what happens; serious investigation is needed.

I hate to say so, but your message "We do not display..." only shows to the users that you are helpless and some may consider it as plain lie, even those who may believe you did not put these ads yourself. No matter what happens, this fallacy will be considered as your responsibility, The fact that the adds are not yours can only make such opinion worse, it shows that you don't control your content, so it can bring something even worse (viruses, malware) to the client. Some may blacklist your side, for some good reasons, and so on.

—SA

Get your site penetration tested ("pen tested") to see if there are any flaws in the code you're not aware of. Most likely culprit is SQL Injection attacks. Google what these are and look at your code to see if any of it falls foul.
 
Share this answer
 
Thanks for all the kindness you guys demonstrated by replying to my problem. I do not know how much I will be useful to you when you share your problems.

As far as Ads are concerned, these are appearing in one or two computers among 15 different modes used across geographies. Even when they format the computer and load OS again, then these Ads will not be there.

I am sure of the fact that there is no "SQL injection" happening. We tried installing on malware preventing app at one place. That worked. However, there are 10s of such places and customers keep using in different computers. It is impractical to depend on Malware preventing Apps in this case.

I wish to incorporate something in the code or delivery method so that these Ads are eliminated permanently.

Please be kind enough to get back.
 
Share this answer
 
Comments
Richard Deeming 22-May-15 13:30pm    
Please don't post comments as new solutions. There's a "Have a Question or Comment?" button under your question, and under each answer. Or, you can use the green "Improve question" link to edit your question and add any extra details.

If the ads are only appearing on certain computers, then it's most likely that those computers are infected with malware. There's every possibility that the infection didn't come from your site.
umesh5656 22-May-15 13:38pm    
Hi Richard.. Thanks for the quick reply. However, on the same computer, at the same time< if we open www.google.com, www.sendspace.com, then these ads disappear. Customers are asking this, when we say your computers are affected by malware. We need THAT technique used by most websites where malware Ads are not a problem at all. Pls help.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900