Malvertising is a malicious technique performed by cyber thieves to spread malware via online ads. The code used in Malvertising redirects users to nefarious websites.
This type of attack targets reputed websites and in the past, there were many authenticate websites targeted by perpetrators. The attack allows cyber thieves to insert nasty code into authenticate online ads network.
Online Marketing has its own paradigm of business and advertising, which is one of the most influential parts of online business. BUT WAIT! In this technology world, not all things that glitter are gold. Hackers always try to infiltrate users’ system to make innocent victims and for them Malvertising is the great weapon to penetrate the system.
What is Malvertising?
Malvertising means a real face hidden behind the advertisement. It involves injection of malware into a legitimate web page and online ads network. It can direct a victim to unreliable content and infect their computer system to access sensitive information or control the whole system.
Such type of trick includes malware script or malicious software that executes on pre decided date and time. Attackers compromise websites and spread malware across a large number of computers.
The interesting thing about such technique is that it does not exploit any vulnerability of the system. Currently, attackers are targeting Adobe and Flash to spread malware, as they are highly vulnerable.
How does Malvertising work?
Malvertising works in two ways: An attacker search for legitimate website and put a malware advertisement on a site. It may redirect users to another fraudulent webpage instead a legitimate advertisement page. After a certain amount of time, the attacker removes malware or discontinues the ads.
In another way, a pop-up ad can spread malware. Attackers deliver a malicious payload via pop- up ads. Once it appears on a user’s computer screen, a user clicks to close pop-up ads. The malware begins to execute on the user’s computer system when user perform such activity.
The reason behind increasing Malvertising is bulk ad buying practices or Programmatic Buying. Programmatic buying option makes buying and selling of ads easier. But it makes easy for an attacker to mimic reliable ad maker or ad agencies; and put fraudulent ads on sites to spread malware infection later on. Buyers and sellers do not know each other in Programmatic Buying.
What Research says?
OTA (Online Trust Alliance) said in report that malvertising has recorded an increase of 200% in 2013 year compare to 2011 and 2012. The registered number of incidents is 209000 and 12.4 million malicious ad impressions were generated in 2013 year.
The results come up from Malvertising include capture of sensitive information, turning the device into a Botnet, use of compromised victim’s device to perform a DDoS attack against bank, government agencies, and other organizations.
Recent Malvertising Incident:
In October 2014, malvertising targeted US military contractors to steal military records and intellectual property. The experts at Invincea declined to suggest name of those military firms, but they have also spotted six malvertising attacks against aerospace contractor and other military contractors in September 2014. According to Invincea, Victims can be targeted on the base of their interests in certain news sites,online poker or stock forums. Even browser cookies play a major role in such malicious campaign.
Tips to Prevent Malvertising:
Users can take below steps as a precaution to avoid Malvertising campaigns:
- Users should update operating system, software and plug-in on regular base.
- Never respond to advertisement saying “update software”, “increase speed” as it may lead to a fake web page or inject malicious code into a Computer or Smartphone system.
- Do not download antivirus or malware scan software from a banner ad or pop-up ads. Always go to direct website link of the related antivirus software provider or Web site Anti-Malware Scan provider.
- Always keep firewall ‘ON’ to prevent unauthorized traffic.
- Avoid peer-to-peer file sharing programs and unknown toolbar installation.
A vital protective measure for publishers is to utilize a good ad server to handle online advertising. If you are a publisher, advertiser, or ad agency, you should confirm already determined scrutiny before publishing any online advertisement. It is essential to look over the following tips for the sake of user’s safety.
Publishers should take precautions to avoid Malvertising campaign that are as under:
- Check the domain authenticity of advertisers and agencies with the anti malvertising engine.
- Check the WHOIS record before allowing ads content onto your website, the record includes hosting place of website, domain registration detail, contact details of the domain registrant etc.
- Always check that potential partner’s detail is matching or not with their billing details.
- Remind the sales team to check the reliability of the new clients who place a last minute order with credit card or wired transfer instead of invoicing.
- Make a comprehensive analysis on all ad creators like to investigate domain URL with WHOIS record, inspect iframes and redirects, scan flash, PDF files, etc.
- Be careful of advertisers who contact your team at unusual hours.
Malvertising is the next big mayhem for web users as well online marketing networks. Attackers are rapidly developing new techniques to spread malware across a number of websites. It is time for publishers and advertising agencies to fight against such malicious campaigns as a joined entity. According to an eMarketer report, the Global advertisement market is reached its new height with spending nearly $137.35 on online advertisement. eMarketer predicts that by 2018, total global media spending will reach $656.3 billion.
In this case, hackers will have vast ground to spread malware, unless if any strict precaution is taken in this direction.
Related Posts :