Malverstising a blend of “malicious” and ” advertising” is a cybercrime tactic . Criminals use online advertisements to distribuite malware.These ads often placed on legitimate websites .Infect a users device with harmful software when clicked or even when simply viewed.
Malverstising exploits vulneravilities in browsers or ad networks , tricking users into visiting malicious sites , downloading harmful files or exposing personal information without their knowledge.
How Malverstising attacks ?
Malvertising can affect users in multiple ways and it typically involves exploiting vulnerabilities in web browsers or ad networks . Cybercriminals are creating malicious ads, often designing them to resemble legitimate advertisements.
Drive by doenloads ‘ Malicious code embedded in the ad automatically downloads malware to a users device without their interaction’.
Click-Based Attacks ‘ Users are prompted to click on the ad, which redirects them to fake website .
Exploit Kits ‘ These tools scan the users system for vulnerabilities (e.g outdated software) .
According to Confiant’s Dangu, gift card scams are currently the most prevalent form of attack. In late 2018, the company discovered a large-scale malvertising campaign that targeted iOS devices used by U.S. citizens. The cybercriminal group known as ScamClub managed to hijack 300 million browser sessions within just two days. ‘The collected data includes purchasing intentions and health-related information, which the attackers sell to data brokers.
Malware Delivered via Malvertising
Ransomware this type of malware locks users out of their devices or encrypts their data .Demanding a ransom to restore access. Spyware and Adware malvertising can install spyware to monitor users activities, steal sensitive data or flood them with unwanted ads.Trojan horse.
Detection and Prevention of Malvertising
For Users
Use Ad Blockers Tools like ad blockers can prevent malicious ads from appearing, though they may also block legitimate ads.
Update Software Regularly: Ensuring browsers, operating systems, and plugins are up to date. Can protect against exploits used by malvertising campaigns.
Avoid Suspicious Ads: Users should be cautious when interacting with online ads. Especially those that promise too-good-to-be-true offers or prompt software downloads.
For Website Owners and Businesses:
Monitor Ad Networks: Carefully vetting the ad networks and monitoring. The ads being displayed can reduce the risk of exposing users to malvertising.
Implement Web Security Measures: Enforcing web security protocols, including Content Security Policies (CSP) and secure HTTPS connections. Can help detect and prevent malicious ads.
Malvertising Future
The future of malvertising looks grim, as security experts predict it will continue to thrive in the coming years, with criminal groups becoming more sophisticated, wealthier, and harder to catch. Louie from Devcon anticipates a rise in the use of polyglot files. “She predicts a significant rise in sophisticated threats emerging from ads, along with a resurgence of watering hole attacks.”
Dangu warns that threat actors will increasingly blend into the environments they target. “Just a couple of years ago, malvertising payloads were more conspicuous, as the code clearly looked out of place,” he explains.“Today, attackers are getting better at using native ad server functionality to make their malicious code appear as part of the ad tech stack, rather than third-party code.”
Most security companies predict that malvertising will increasingly target mobile users, as many don’t feel the need to install security products on their devices. In 2018, GeoEdge reported a 50% increase in mobile ad attacks, and by early 2019, they observed a 67% rise in harmful ads targeting in-app environments.
Segura has noticed this . “Unlike desktops, which have multiple layers of protection, mobile devices remain vulnerable to a variety of attacks due to both a lack of safeguards and low user awareness,” he says.
Some positive developments, however. RiskIQ’s Cowger foresees a decline in JavaScript-based cryptocurrency miners, largely due to the end of Coinhive.
Others hope that the advertising industry will become more aware of the problem, leading to increased demand for ad quality assurance and security tools.”As user complaints increase, more publishers turn to GeoEdge for assistance in safeguarding their brand and ensuring a positive user experience,” says Silber of GeoEdge.
Dangu is even more optimistic about the potential impact the advertising industry could have. Several initiatives aim to implement sandboxed ad placement, which the security community has contributed to, he notes. “After broad selection happens, most malvertising performing artists will be obliged by their existing strategies and will have to plan unused techniques. The specifics of which are yet to be determined.”