The practice of using web advertisements to distribute malware is called malvertising (malicious advertising). Online advertising is a source of revenue for many companies, even if it comes with its own set of dangers, malvertising being one of them. Such ads come in various forms-text, images, banners, graphics, animations, pop-ups etc.
Cybercriminals use various advertising strategies to infect legitimate websites with their malware which then infects the device used by you to browse that particular website. Many such malware programs are auto-run and thus can infect your devices automatically if you visit an infected page. Once you visit such a page, you are automatically redirected to servers set up by cybercriminals.
These servers record the user’s details and select the ideal malware that can be used to attack their system. The worst part is that the carrier websites, which are mostly legitimate ones, are not in a position to know the originator of the malware, owing to the complexity of webpage design and the various URLs involved in showing you the page.
An Ongoing Story
With each passing year, these attacks are becoming more advanced and sophisticated, bringing newer levels of threat to online security through worms, Trojan horses, viruses, and ransomware. These attacks, masked by internet anonymity, have the power to hack personal as well as organizational and government computers and systems wreaking havoc.
One of the first such attacks Melissa (1999) is an early demonstration of just how destructive viruses can be. Posing as a Word file containing passwords to adult sites, it stoked curiosity and, when opened, executed a macro to resend the virus to the first 50 people in each user’s address book. Melissa was reportedly responsible for $1.1 billion in damages.
WannaCry (2017) was dubbed the biggest malware attack in history infecting 230,000 computers across 150 countries. Even though the attack was killed in quick time yet more than $130,000 in ransom fees had been paid by that time.
Even reputed websites like BBC, MSN, AOL, and The New York Times could not escape malware attacks and were affected in 2016. Investigations suggest that cybercriminal networks are getting more high-tech with the investment of big money for buying malicious ads and server access.
Anonymity Aids Cybercriminals
The anonymity provided by the web and the ability to use a perfectly legitimate big name website freely and easily makes the work of cybercriminals quite easy. Plus big websites outsource their promotional content through a range of third-party advertising networks, which makes it even better for criminals as they can upload their malware on trusted URLs. There is simply no filtration when a company registers its name with an ad network and the bidding and buying process is often automatic.
The most alarming part is that even if you try to avoid shady sites, you cannot be sure of avoiding malvertising as cybercriminals use reputed sites to spread their malware, often by means of automated processes to authorize dubious downloads or clicks. Often invisible web pages called iframes are used for this purpose so the malicious code is hidden from the user and host site until it is too late.
Difficult to Decipher
It is very difficult for the host site administrators to trace the source of an infection. Often they are unaware of malware in their domain, and might not know about the ad content being streamed on their site. This makes the task of tracing the source of a malware campaign extremely difficult and helps cybercriminals to attack various sites without much worry.
Online ads are a great tool for marketers and a neat way to monetize websites. But these ads do affect your privacy and security. The ability of advertisers to allow their subscribers to buy targeted promotions by which they are able to show you ads according to your taste, preference, and location also means a great opportunity for the malvertising industry.
As the ad dimension is no longer limited to desktop and infects mobile users as well, this only means that more users will now get infected. The malware generators can see the platform you use to access their links and can send the right files on your device, depending on the platform you use. So doesn’t matter which platform you use, you’re never safe from these malvertisements. You might think you’re safe on your iOS device but all devices are equally vulnerable to such attacks.
Smartphone users are set to hit the six billion mark by 2020. As a consequence malware makers and distributors to turn their attention towards opportunities to infest the mobile sector in order to extend their reach and thus profits. In 2014, about 16 million smartphones and tablets were infected with mobile malware and with advertisers expected to spend more on mobile advertising than all traditional media, this trend is sure to grow.
What can you do to avoid the risk of malvertising infection on your device? Here are some tips:
- Keep your web browsers, operating systems, security and other software regularly updated. Most software developers apply safety patches on updates so your devices have more chances of being secure with the latest updates than the older ones.
- Use an ad-blocker to filter out unwanted promotional content. But it could lead to some inconvenience as some leading websites ask visitors to turn off their ad-blockers
- Disable programs like Adobe Flash and Java if you do not use them. You may also turn on the click-to-play plugins (after which you would be asked for permission before Flash or Java applications are run on your browser).
- Mobile users can buy an ad management tool as these tools assist in tracing malicious code to its source.
- There are anti-exploit programs that may act as a last line of defense against any malicious code that manages to break through.
- Make sure you have installed anti-virus software on your computer or smartphone. Keep the anti-virus app updated as well.
The best way to fight the malware would be for digital advertisers and website operators to tighten up their policies about ad-serving networks and for the people to be aware and alert about the security threat posed by malware.