Malvertising involves using online advertisements to spread malware. Attackers purchase ad space on legitimate websites and inject malicious ads containing viruses, spyware, or other threats. When users visit an infected site, these malvertisements can install malware pre-click or post-click. Major companies have struggled with malvertising attacks. While it's difficult to fully prevent such attacks, users can help protect themselves by keeping software like browsers and plugins updated, using ad blockers and antivirus software, and being cautious of the sites and programs installed.
Scaling API-first – The story of a global engineering organization
Malvertisement the covert advert
1. Malvertisement: The Covert Advert
Malvertising
• Sounds like a mouthful, I
know.
• But it’s a word-blend
(postmanteau) between
Malware and Advertising.
• To put it simply, the use of
online advertisement to
spread Malware
www.izoologic.com
2. Malvertisement: The Covert Advert
www.izoologic.com
• Malvertising is what occurs when online
advertising is used to spread malwares.
• Malvertising is what ensues when attackers
purchase ad spaces in famous or legitimate
websites and inject them with ads that are
loaded with viruses, spywares, malwares and all
sorts of cyber waste out there you’ve never
even heard of.
• Basically, any display advert that delivers a code-based threat to the visitor’s
browsing session can be thought of as a malvertisement.
3. How Does It Work and Who Are Affected?
• I know, these attackers are quite “sneaky” and that’s true.
That’s how they operate.
• And they don’t really care if the sites are big shots like
Google, Yahoo, Spotify, Ebay or even Reuters.
• The more popular a website is, the more users they can
infect. It provides them with a wider platform to push their
attacks to unsuspecting web users who might not otherwise
see the adverts, due to firewalls, more safety precautions or
the like.
www.izoologic.com
Malvertisement
4. Malvertisement: The Covert Advert
So what goes down, exactly?
• Attackers attach themselves on trusted, legitimate
websites as bait.
• These attackers aim for clean and reputable websites
specifically those with lots of frequent visitors (e.g.
Youtube, Spotify, NY Times, Yahoo, AOL, NFL, etc.).
• Many websites, especially the large and popular ones
with several thousands or millions of users per day, rely
heavily on third-party vendors and software providers to
display their adverts for them.
This, in turn, reduces direct oversight and the amount of scrutiny that should that
should take place security-wise. This kind of data automation makes online adverts
vulnerable to malvertising.
www.izoologic.com
5. www.izoologic.com
Malvertisement: The Covert Advert
The websites themselves aren’t
infected, and the advert
publishers have no idea that
they are blasting malicious
content into potentially
thousands and possibly millions
of computers until it’s too late.
Moreover, it has become quite a challenge for cybersecurity experts to properly
identify exactly which adverts carry malicious contents because the adverts on a
certain page change constantly. One user may get infected, but the next five, who
visits the exact same page won’t be.
6. I’m OK as long as I don’t click those ads, right?
FACT: PCs can be infected pre and post-click.
www.izoologic.com
It is a very common notion that the actual
malware infection happens when visitors to the
infected site begin clicking on a malvertisement.
But that’s not the case. Instances of these pre-click
malwares include being incorporated in main
scripts of the webpage or what we call drive-by-
downloads. These malwares can be programmed
to auto-run, , meaning
it can automatically take a user to a different site entirely and that site could be
potentially malicious. Malwares can also be programmed to execute in the delivery of
an advert – wherein a clean advert that has no infection pre or post click (in its original
design) can still be infected whilst being requested.
Malvertisement: The Covert Advert
7. www.izoologic.com
Malvertisement: The Covert Advert
Malvertising is a relatively fresh
and perceptive approach for
spreading malware and is even
harder to prevent because it
can work its way into a
legitimate webpage and spread
through a system unknowingly.
An interesting thing about these infections via malverts is that it doesn’t require
any clicking from the user to compromise the system and doesn’t expose any
weaknesses on the website or even the server it is hosted from. The
complexities of these infections are so diverse and yet its delivery is as simple as
injecting through advertisement networks.
8. www.izoologic.com
Malvertisement: The Covert Advert
Major companies and websites have had their share of challenges in
battling the growing number of malvertising attacks, which hints
that it’s not going away anytime soon.
9. www.izoologic.com
OK. How Can We Fend Off These Attacks ?
Unfortunately, with this kind of
attack vector, it’s quite difficult
to defend ourselves against it
head-on.
But, there are a few things that
we can do to possibly protect
ourselves, if not, prevent these
cyber-attacks from happening.
Disable / Turn Off Java : In most cases, you won’t need Flash
too. The less plugins you have installed or enabled, the lesser
potential entry points you’re leaving for malverts.
10. www.izoologic.com
OK. How Can We Fend Off These Attacks ?
Make sure your plugins are updated
: If you must install plugins, make sure they
are updated for them to be effective.
Developers regularly issues updates to fix
security gaps so make sure you install them.
Make sure your browser is updated with the latest version :
This is a no-brainer. Most cyber-attacks are often introduced via browsers due to
security holes. It pays off to making sure you have the latest security updates
installed.
11. www.izoologic.com
OK. How Can We Fend Off These Attacks ?
Consider installing an Ad-blocker,
Pop-up blocker or Anti-malware
program :
This is another option to fight off those nasty
pop-ups and other malwares unknowingly
creeping its way to your system.
Get a decent Antivirus Software : Your first line of defense
against viruses, malwares, and other forms of cyber-attacks.
12. www.izoologic.com
It’s important to keep in mind that at the
end of the day, no matter what kind of
device you use, you just need to be
aware and be mindful of the sites you
visit, the apps or programs you install,
and how it affects your privacy.
Always make sure you are updated and
well-informed with the latest trends and
developments in Cyber Security here at
iZOOlogic.com/blogs.
Vince Luna
iZOOlabs Security Response
Malvertisement: The Covert Advert