Understanding Malvertising and Its Impact

Author

Reads 12K

Free stock photo of attack, compliance, cybersecurity
Credit: pexels.com, Free stock photo of attack, compliance, cybersecurity

Malvertising is a type of online advertising that's been hijacked by cybercriminals. Malvertising can appear on legitimate websites, making it difficult to identify and avoid.

It's estimated that over 1 billion people are exposed to malvertising every day, with the majority of them being unaware of the risks. Malvertising can be embedded in seemingly harmless ads, such as banner ads or pop-ups.

Malvertisers often use sophisticated techniques to evade detection, making it challenging for website owners to remove the malicious ads.

What is Malvertising

Malvertising is a sneaky technique used by cybercriminals to inject malware into users' computers when they visit malicious websites or click on an ad online. Malvertising can also direct users to a corrupted website where their data can be stolen or malware can be downloaded onto their computer.

Malvertising uses what looks like legitimate online advertising to distribute malware and other threats with little to no user interaction required. This means even the ads you see on your favorite websites can be malicious.

Broaden your view: Online Advertising in China

Credit: youtube.com, What Is Malvertising?

Malvertising can install a tiny piece of code on your computer, which sends your computer to criminal command and control (C&C) servers. The server scans your computer for its location and what software is installed on it, and then chooses which malware it determines is most effective to send you.

Definition

Malvertising is a sneaky technique used by cybercriminals to inject malware into users' computers when they visit malicious websites or click on an ad online.

Malvertising can appear on any advertisement on any site, even the ones you visit as part of your everyday Internet browsing. This means you could be unknowingly clicking on a malicious ad while searching for something online.

Malicious advertising is intentionally designed to harm people and businesses with malware, potentially unwanted programs (PUPs), and assorted scams. This is done using what looks like legitimate online advertising to distribute malware and other threats with little to no user interaction required.

A tiny piece of code is installed on your computer when you click on a malvertising ad, which sends your computer to criminal command and control (C&C) servers. The server then scans your computer for its location and what software is installed on it.

You might enjoy: Google Ad Networks

History of

Credit: youtube.com, What is Malvertising?

Malvertising has a long and concerning history, with the first recorded attack occurring in late 2007 or early 2008, exploiting a vulnerability in Adobe Flash and targeting popular platforms like MySpace.

The New York Times online magazine fell victim to malvertising in 2009, publishing an ad that enlisted computers into a botnet of malware-infected computers. This was a clever trick to get readers to install malicious security software on their computers.

In 2010, malvertising exploded across the internet, with billions of display ads carrying malware across 3,500 sites. This was a wake-up call for the online community, highlighting the severity of the issue.

Spotify was hit with a drive-by download malvertising attack in 2011, showcasing the evolving tactics of cybercriminals. This type of attack allowed malicious code to be downloaded onto users' devices without their knowledge.

The Los Angeles Times was infected with malware via drive-by download in 2012, as part of a larger campaign targeting large news portals. This strategy set a precedent for future attacks.

Credit: youtube.com, What is malvertising?

In 2013, Yahoo.com was hit with a major malvertising attack, putting 6.9 billion monthly visitors at risk of infection with the CryptoWall ransomware. This attack was a significant blow to the online community.

The following year, 2014, saw a significant increase in malvertising attacks, with Google DoubleClick and Zedo ad networks suffering major campaigns. News portals like Times of Israel and The Jerusalem Post were also targeted.

Today, malvertising detections continue to grow, with threat actors like Zirconium perpetrating massive campaigns. In 2017, Zirconium bought an estimated one billion ads, with malicious ads present on 62 percent of ad-monetized websites each week.

Check this out: Google Search Ad Block

Types and Modes of Malvertising

Malvertising can infect your computer through various methods. One common way is by visiting websites that have been compromised by malvertising, which can lead to the installation of malicious software.

Pop-up ads can be particularly deceptive, prompting users to download fake anti-virus programs that actually install malware on their computer. In-text or in-content advertising can also be malicious, with text adjusted to include hyperlinks associated with content that downloads malware.

A fresh viewpoint: Content Farm Meaning

Credit: youtube.com, What Is Malvertising?

Drive-by downloads occur when malware is automatically installed on a user's computer due to vulnerabilities in their browser, even without their consent. Web widgets, hidden iframes, and content delivery networks can also be exploited to spread malware.

Here are some of the ways malvertising can infect your computer:

  • Pop-up ads for fake anti-virus programs
  • In-text or in-content advertising with malicious hyperlinks
  • Drive-by downloads
  • Web widgets
  • Hidden iframes
  • Content delivery networks
  • Malicious banners on websites
  • Third-party advertisements on webpages
  • Third-party applications
  • Mobile advertising through SMS promotions

Types and Modes

Malvertising is a sneaky way for hackers to inject malicious ads onto websites, putting users at risk of infection. This can happen through various methods, including pop-up ads that trick users into downloading fake anti-virus programs.

Pop-up ads are just one of the many ways malvertising can infect your computer. In-text or in-content advertising can also be malicious, with text adjusted to include hyperlinks associated with content.

Drive-by downloads are another method used by hackers, where a malicious file is downloaded onto your computer without your consent. This can happen just by visiting a website.

Web widgets can also be co-opted into redirecting to a malicious site, making it seem like a legitimate website. Hidden iframes can spread malware, while content delivery networks can be exploited to share malware.

Here's an interesting read: Pop-up Ad

Credit: youtube.com, Malicious Advertisements (Malvertising Attack)

Malicious banners on websites and third-party advertisements on webpages are also common methods used by hackers. Third-party applications, such as forums, help desks, and customer relationship management and content management systems, can also be compromised.

Mobile advertising through SMS promotions is another way malvertising can reach users. This can happen even when you're just browsing a website.

Here are some of the methods used by hackers to inject malicious ads onto websites:

  • Pop-up ads for deceptive downloads
  • In-text or in-content advertising
  • Drive-by downloads
  • Web widgets
  • Hidden iframes
  • Content delivery networks
  • Malicious banners
  • Third-party advertisements
  • Third-party applications
  • Mobile advertising through SMS promotions

Url

URL malvertising is a sneaky way malvertising can affect you, where your browser gets forcibly redirected to a malicious site.

This can happen when you click on a suspicious ad or link, or even when you're just browsing the web.

The redirect can be triggered by a clicking action, which installs malware on your device.

You may try to click on something to navigate away from the fake site, but that's when the malware gets installed.

How Malvertising Works

Malvertising is a sneaky way for attackers to spread malware through online ads. It's a complex network that involves multiple servers and redirects, making it hard for publishers and ad networks to detect.

Credit: youtube.com, What Is Malvertising And How Does It Relate To JavaScript Malware? - SecurityFirstCorp.com

Malvertisements can be found on both legitimate and illegitimate websites, and they often appear as normal ads like pop-ups, paid ads, and banner ads. They use social engineering tactics to trick users into clicking on them.

In some cases, just loading an infected webpage or landing page can download malware onto the user's computer, a technique known as a drive-by download. This can happen even if the user doesn't click on the ad.

Malvertisements can exploit vulnerabilities in the user's browser or software security to access their machine. They can also use an invisible web page element to do their work, making it hard to detect.

Here are some common methods malvertising criminals use to infect computers:

  • A provocative enticement to get the user to click on the ad, such as a warning of a malware infection or an offer for a free program.
  • A drive-by download, where the infected ad uses an invisible web page element to download malware onto the user's computer.

Malvertisements can cause a range of problems, from slowing down the user's device to quitting applications out of the blue. They can also steal sensitive data or set up backdoor access points to the system.

Malvertising Impact

Credit: youtube.com, Malvertising Attacks: How Google Ad Spoofed Account Attacks Work

Malvertising can impact users in a big way, even if they don't click on the ad. Malvertisements can cause "drive-by download" attacks, where malware or adware is automatically installed on a user's computer due to browser vulnerabilities.

Users may be redirected to malicious websites without their consent, exposing them to potential threats. This can happen through forced browser redirects.

Malvertisements can also compromise user security when clicked on. Clicking on a malicious ad can trigger the installation of malware or adware on a user's computer.

Users may be redirected to malicious websites instead of reaching the intended destination suggested by the ad. This can lead to phishing attacks, where users are tricked into divulging sensitive information.

Malvertisements can also lead to data loss and data theft. Malware from malvertisements can be programmed to steal user data, and can even leave backdoors open for thieves to steal data later.

Malvertisements can install spyware, including keyloggers that record user login credentials. This can be a serious issue, especially for businesses that handle sensitive customer data.

Here are some common ways malvertisements can impact users:

  • Drive-by download attacks
  • Forced browser redirects
  • Unauthorized display of unwanted advertising, malicious content, or pop-ups
  • Installation of malware or adware
  • Redirect to a malicious website
  • Phishing attacks
  • Data loss and data theft
  • Installation of spyware, including keyloggers

Malware Insertion and Risks

Credit: youtube.com, What Types Of Malware Are Spread Through Malvertising? - SearchEnginesHub.com

Malware insertion into ads is a serious issue, and there are several methods attackers use to inject malicious code. Malware can be injected into ad calls, making it difficult to detect. Malware-injected post-click is another method, where attackers compromise URLs that redirect users to ad landing pages.

Attackers can also embed malware in ad creative, such as text or banner ads, or even in video players that don't provide protection against malware. Malware within a pixel or video can also infect users by displaying a malicious URL at the end. Malware within Flash video can inject an inline frame into the page, downloading malware without the user needing to click on the video.

Some common risks of malvertising include inoperable computers and system networks, which can result from malware being downloaded onto your computer or network. Malware can also be used to install adware on your computer, leading to unwanted advertisements.

Malware insertion methods include:

  • Malware in ad calls
  • Malware-injected post-click
  • Malware in ad creative
  • Malware within a pixel
  • Malware within video
  • Malware within Flash video
  • Malware on a landing page

Ad Malware Difference

Credit: youtube.com, Malware: Difference Between Computer Viruses, Worms and Trojans

Malvertising and ad malware may seem like the same thing, but they're actually quite different. Malvertising entails the deployment of malicious code on a publisher's web page, specifically targeting individual users.

One of the key differences between malvertising and ad malware is their approach. Malvertising only impacts users who view an infected webpage, whereas adware, once installed, operates continuously on a user's computer.

Malvertising relies on infected web pages to spread malware, whereas adware persists on a user's computer, inundating the machine with unwanted advertisements. This makes adware a more serious threat in the long run.

To mitigate the risks of malvertising, publishers can take several steps. Here are some best practices to consider:

  1. Thoroughly vet ad networks, ensuring they have a solid reputation and robust security practices.
  2. Implement a stringent scanning process for ad creative before displaying it.
  3. Consider enforcing a policy that restricts the file types allowed in ad frames.

By following these practices, publishers can minimize the impact of malvertising and maintain a safer environment for their users.

Methods of Malware Insertion into Ads

Malware can be inserted into ads through various methods, making it difficult to detect and prevent. Malware in ad calls is one such method, where attackers compromise third-party servers and inject malicious code into the ad payload.

Credit: youtube.com, Malvertising: How Ads Can Give You Viruses

Attackers can also inject malware post-click, redirecting users through multiple URLs before reaching the ad landing page. This allows them to execute malicious code and compromise user devices.

Malware can be embedded in text or banner ads, especially those using HTML5, which combines images and JavaScript. Ad networks that use Flash (.swf) format are particularly vulnerable to this.

Legitimate pixels only send data, but if an attacker intercepts the pixel's delivery path, they can send a malicious code response to the user's browser. Video players do not provide protection against malware, and standard video formats (VAST) can contain pixels from third parties that may have malicious code.

Malware can also be injected into pre-roll banners that load while the video file is loading. This can happen through Flash-based videos, which can inject an inline frame (iframe) into the page, downloading malware without the user needing to click on the video.

Malware can be found on legitimate landing pages served by reputable websites, even if the website itself is not malicious. Clickable elements on these pages may execute malicious code, making it difficult for users to distinguish between legitimate and malicious content.

Here are the methods of malware insertion into ads:

  1. Malware in ad calls
  2. Malware-injected post-click
  3. Malware in ad creative
  4. Malware within a pixel
  5. Malware within video
  6. Malware within Flash video
  7. Malware on a landing page

Hardware Failure

Credit: youtube.com, How Has Driver Signing Protected PCs Over Time? - The Hardware Hub

Hardware failure can occur when a harmful file from a malvertisement overburdens your computer's processors or takes up all its random access memory (RAM), causing your computer to overheat.

This can lead to the failure of hardware components connected to the motherboard.

A computer's camera can also be hacked by malware introduced by a malvertisement.

Prevention and Protection

To protect yourself from malvertising, keep your software updated, including your browser, operating system, and plugins. Regular updates ensure you have the latest security patches, which can prevent vulnerabilities from being exploited by malware.

Installing an ad blocker can also prevent many types of malvertising by blocking the actual ads from loading on web pages. Ad blockers can filter out a lot of the malvertising noise, stopping dynamic scripts from loading dangerous content.

You can also enable click-to-play plugins on your web browser, which keeps Flash or Java from running unless you specifically tell them to by clicking on the ad. This can offer excellent protection against malvertising, as a large percentage of malvertising relies on exploiting these plugins.

Credit: youtube.com, The Malware Prevention Benefits of Webroot DNS Protection

Here are some additional steps you can take to reduce your risk:

  • Ensure that all software and extensions, including web browsers, are up to date.
  • Install antivirus software and ad blockers to reduce the risk of running a malicious advertisement.
  • Avoid using Flash and Java or allowing these programs to run automatically when surfing the web.

Remember, using antivirus software is also crucial in preventing malvertising, as it can detect and neutralize many types of malware. The key is to keep your antivirus software updated, so it can identify new types of malvertising and protect your system.

How to Protect Against

To protect against malvertising, it's essential to keep your software up to date. Regularly update your browser, operating system, and plugins to ensure you have the latest security patches. Outdated software often has vulnerabilities that can be exploited by malware.

Installing an ad blocker can also prevent many types of malvertising by blocking the actual ads from loading on web pages. This way, when you go to a webpage with malvertisements on it, you'll only see the webpage's content and not the fake ads hackers have worked into the advertising network.

Be cautious with pop-ups and don't click on them. Instead, close them by clicking on the "X" or through the task manager. This simple step can prevent many types of malvertising attacks.

Credit: youtube.com, What is Cyber Security? How You Can Protect Yourself from Cyber Attacks

Enabling click-to-play plugins on your web browser is another effective way to protect yourself. Click-to-play plugins keep Flash or Java from running unless you specifically tell them to (by clicking on the ad). A large percentage of malvertising relies on exploiting these plugins, so enabling this feature in your browser settings will offer excellent protection.

You should also consider using antivirus software, which can detect and neutralize many types of malware. Make sure your antivirus software is kept up to date to ensure it can identify new types of malware.

Here are some key steps to protect yourself from malvertising:

  • Keep software and extensions up to date
  • Install antivirus software and ad blockers
  • Avoid using Flash and Java or allowing these programs to run automatically when surfing the web
  • Enable click-to-play plugins on your web browser
  • Be cautious with pop-ups and don't click on them

By following these simple steps, you can significantly reduce your risk of falling victim to malvertising and stay safe online.

KS Clean

KS Clean is a type of malvertising attack that uses adware to target people through seemingly harmless mobile apps.

This adware can be concealed in popular apps, making it difficult to detect. The user would have no idea they were under attack until a warning message appears on their phone.

Three People Hacking a Computer System
Credit: pexels.com, Three People Hacking a Computer System

The warning message claims the phone has a security issue and needs to be upgraded. If the user clicks the OK button, the installation is completed, and the malware obtains administrative privileges.

Once the malware has these privileges, the user starts experiencing continuous pop-up ads on their phone. These ads can be annoying, but they can also lead to sites that contain other threats.

Identifying and Mitigating Malvertising

Identifying malvertising requires a keen eye for detail. Malvertisers often create ads that look haphazardly thrown together, lacking the polish and professionalism of legitimate ads.

To spot malvertising, check for spelling errors in ads. If you see obvious errors, it's likely a malvertisement designed by someone who doesn't speak your language fluently.

Unrealistic promises in ads can also be a red flag. If an ad promises something too good to be true, it's probably a clickbait attempt to lure you into clicking on a malicious ad.

Credit: youtube.com, Malvertising: The Hidden Threat in Your Browser | Malvertising Explained | Adaptivids

You can also take a proactive approach by never clicking on ads that appear on your computer. This way, you'll avoid malvertisements that require a click to activate.

Here are some common methods of malware insertion into ads:

  • Malware in ad calls
  • Malware-injected post-click
  • Malware in ad creative
  • Malware within a pixel
  • Malware within video
  • Malware within Flash video
  • Malware on a landing page

By being aware of these methods, you can take steps to protect yourself from malvertising.

Examples of Malicious Ads

Malicious ads have been found on some of the world's most popular websites, including Horoscope.com and The New York Times.

Several reputable organizations, including The New York Times, BBC, Spotify, Forbes, and the NFL, have been victims of malvertising attacks in recent years.

One notable example is the Angler Exploit Kit, which automatically redirected visitors to a malicious website where an exploit kit could exploit vulnerabilities in common web extensions like Adobe Flash and Microsoft Silverlight.

RoughTed is another malvertising campaign that was able to circumvent both ad-blockers and many antivirus solutions through a series of dynamic URLs.

Credit: youtube.com, What Is Malicious Advertising? - Everyday-Networking

KS Clean is a mobile app-based malvertising campaign that targets malicious adverts within mobile apps, often disguised as security updates.

Malicious ads can be disguised as anything from a lottery offer to a work-from-home scam, and even fake Flash Player updates.

Here are some examples of malvertising campaigns:

Tech support scams and scareware are also common types of malvertising, often targeting Mac users with fake websites and JavaScript tricks.

Fake Flash Player updates are another common technique used to foist adware and malware onto Mac users, often through adult or video streaming websites.

Frequently Asked Questions

What is the difference between malvertising and adware?

Malvertising targets anyone viewing infected ads, causing harm, while adware targets individuals by forcing ads onto their devices to generate clicks, often leading to pop-up ads and device issues.

Judith Lang

Senior Assigning Editor

Judith Lang is a seasoned Assigning Editor with a passion for curating engaging content for readers. With a keen eye for detail, she has successfully managed a wide range of article categories, from technology and software to education and career development. Judith's expertise lies in assigning and editing articles that cater to the needs of modern professionals, providing them with valuable insights and knowledge to stay ahead in their fields.

Love What You Read? Stay Updated!

Join our community for insights, tips, and more.