Skip to main content

Another Reason Not To Visit Glenn Beck's Website: Tons Of Malware

Whoever made the malware wasn't looking to steal bank credentials or credit cards. Instead, they turned Glenn Beck's readers into a gigantic "ad banner clicking machine."
  • Author:
  • Updated:

It turns out Glenn Beck has been spreading around something vile other than his horrible opinions. No, it's not herpes (probably). Security firm Invincea reports that on July 1, Beck's site The Blaze unintentionally transmitted malware through embedded advertising to many of his subscribers.

Invincea says that on July 1 and possibly on other dates, one of The Blaze's advertisers deliberately redirected users to a "Polish recipe website" that provided a lot more than pierogi ingredients. Unwary readers were affected with a drive-by exploit called Kazy or Kryptik, trojans that open holes in security software to give hackers access to unsuspecting users' personal information.

The Blaze is far from the first to fall for this kind of "malvertising" trick; in June, Cisco admitted that domains belonging to Disney, Facebook, The Guardian, and other major sites were surreptitiously funneling users to unsafe domains like so many congressmen to an FBI-run slush fund.


via Invincea

In The Blaze's case, Invincea software alerted the company to malicious links exploiting security holes in Internet Explorer 11. Whoever made the malware wasn't looking to steal bank credentials or credit cards. Instead, they turned Glenn Beck's readership into a gigantic "ad banner clicking machine," stealing what might have been a whole hell of a lot of money through advertising fraud. Another similar attack netted the hackers behind it a staggering $15 million. The Blaze has approximately 25 million unique users per month, and it's frankly pretty goddamn funny to imagine a lot of them wondering why their computers were suddenly sputtering out before they could finish ranting in the comments section about how welfare queens and "urban" gangsters are destroying America.

But while it did it unintentionally this time, The Blaze has long been a nexus for scammers, snake-oil salesmen and internet pawn shop pimps. For example, Beck rabidly endorsed Goldline International, Inc., a firm which claims to sell gold, silver, and other precious coins at reasonable rates for investors and collectors. Unsurprisingly, Goldline was just an excuse to rip off Beck's financially illiterate goldbugger audience by falsely claiming the feds were going to seize vast stocks of precious bullion. Courts forced them to repay $4.5 million. Beck of course enthusiastically keeps telling his viewers that the economic collapse is coming any day now, and that buying gold is the only way to protect your assets (At great risk to my personal safety, I turned off my ad blocker and took at look at their homepage. Prominent Goldline banners still line the site, in addition to piles of "pay your mortgage off quick!" tricks and sultry women begging to sell me male enhancements.)

Some of Glenn Beck's other advertisers include companies that supply doomsday preppers, who are like the gold freaks but stockpile large amounts of canned food and ammo. The Blaze sponsor Food4Patriots was revealed by ThinkProgress to be an elaborate scam that was dubiously legal. More recently Beck announced plans to start a libertarian community called Independence Park, which of course was never going to happen but would have made an excellent opportunity for more grifting.

You might even suggest that The Blaze itself is a giant scam on Beck's audience, because he has somehow convinced them that skits smearing rape victims as lying whores or articles screaming about how the Muslims are pouring over the Mexican border are legitimate news. So whoever was behind this big malware attack probably didn't have to think very hard about where to find a whole bunch of slobbering dingbats. Beck already lined up their marks for them and put them all in one big, happy community together, and I'm guessing most of them don't know how to use AdBlock.