Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
DEC 25
BY –ANKIT KUSHWAHA
WE ARE TALKING ABOUT
MALVERTISMENT …
Malvertising is the use of online
advertising to spread malware.
Malvertising involves injecting
malicious ads into legiti...
EXAMPLES OF MALVERTISING
 How many ad impressions were driven by
malvertising
in 2016?
 Over 10 million
 Over 1 Billion
 Over 10 Billion
10 BIL...
 On which day of the week is malvertising
most active?
 Monday
 Wednesday
 Sunday
 All days equally
0 100 200 300 400 500 600
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday
Day of the Week
df
User
Visits a popular
website, gets
infected via
exploit kit
Website
Serves a banner
ad, sometimes
malicious
Attacker
C...
Clean.navy malvertising
© Copyright 2014 Cyphort, Inc. All rights
reserved. Proprietary & Confidential
CLEAN.NAVY
Feb 25, ...
GOPEGO malvertising
GOPEGO
Feb 4, 2015
gopego.com malvertising
downloads CryptoWall
ransomware.
The attack serves an explo...
https://otalliance.org/system/files/files/resource/documents/report_-
_online_advertising_hidden_hazards_to_consumer_secur...
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Malvertising
Upcoming SlideShare
Loading in …5
×

Malvertising

210 views

Published on

Malvertising (a portmanteau of "malicious advertising") is the use of online advertising to spread malware.

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Malvertising

  1. 1. DEC 25 BY –ANKIT KUSHWAHA
  2. 2. WE ARE TALKING ABOUT MALVERTISMENT …
  3. 3. Malvertising is the use of online advertising to spread malware. Malvertising involves injecting malicious ads into legitimate online advertising networks and web pages. Anti-Malvertising.com
  4. 4. EXAMPLES OF MALVERTISING
  5. 5.  How many ad impressions were driven by malvertising in 2016?  Over 10 million  Over 1 Billion  Over 10 Billion 10 BILLION
  6. 6.  On which day of the week is malvertising most active?  Monday  Wednesday  Sunday  All days equally
  7. 7. 0 100 200 300 400 500 600 Monday Tuesday Wednesday Thursday Friday Saturday Sunday Day of the Week
  8. 8. df User Visits a popular website, gets infected via exploit kit Website Serves a banner ad, sometimes malicious Attacker Creates and injects malware ads into advertising network Advertising Network Selects an ad based on auction, sends to the website
  9. 9. Clean.navy malvertising © Copyright 2014 Cyphort, Inc. All rights reserved. Proprietary & Confidential CLEAN.NAVY Feb 25, 2015 Clean.navy subdomain is loading Angler Exploit Kit with the exploit for CVE-2014-6332 Windows OLE Automation Array Remote Code Execution Vulnerability. www.cyphort.com/dod- contractors-website-clean-navy- serving-drive-exploits/ 1 start www.***zone.info 2 redirect ads.adgoto.com 3 redirect shop.traditionalarrows.com 4 malware payload bolivi**e.clean.navy/lists/9***
  10. 10. GOPEGO malvertising GOPEGO Feb 4, 2015 gopego.com malvertising downloads CryptoWall ransomware. The attack serves an exploit package embedded in a flash file, including exploits which target four vulnerabilities. Among them the notorious CVE-2015-0311 . www.cyphort.com/gopego- malvertising-cryptowall/
  11. 11. https://otalliance.org/system/files/files/resource/documents/report_- _online_advertising_hidden_hazards_to_consumer_security_date_privacy_may_1 5_20141.pdf https://blog.opendns.com/2014/06/12/ads-security-dont-mix http://www.cyphort.com/huffingtonpost-infected-again/ http://adwords.blogspot.com/2015/02/fighting-bad-advertising-practices-on.html http://in.reuters.com/article/2014/10/16/cybersecurity-military- idINKCN0I52D820141016 http://www.slideshare.net/ksanz15/understanding-the-online-advertising- technology-landscape http://blog.fox-it.com/2014/08/27/malvertising-not-all-java-from-java-com-is- legitimate/ http://www.slideshare.net/mhmoo/us-digitalfutureinfocus2013-27520934 http://www.insideprivacy.com/files/2014/05/PSI-Report.pdf http://blog.fox-it.com/2014/08/27/malvertising-not-all-java-from-java-com-is- legitimate/ http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white- papers/wp-evolution-of-exploit-kits.pdf http://secpod.org/blog/?p=1207 References:

×