Malvertising, you are already a victim of it
Why online ads can be more than just annoying.
A malware infection can be damaging and costly, it puts your devices at risk and takes time to clear off, what’s worse is it can spread from devices to those of friends, family, colleges and customers. It can see your valuable data stolen and opens you up to fraud.
Advertising on the internet can be annoying, pop-up and pop out that obscure your view loud adverts that start blasting sound as soon as you visit a website and the creepy ads that seem to follow you from site to site.
Malvertsing combines these two annoyances in to one massive pain. Using adverts as vector to infect you with malware. You don’t need to do anything to get infected, simply visiting a site that has these malicious ads is enough to get you infected and even reputable trusted website can be affected by these malware campaigns.
This type of infection is proving so effective that Malvertsing incidents increased by 300% in 2015 and another 400% in the first half of 2016.
One the biggest Malvertsing incidents ever occurred earlier this year where websites that were drawing a combined total of 1 billion visits daily including msn.com, nytimes.com, bbc.com, aol.com, my.xfinity.com, newsweek.com, nfl.com, realtor.com, theweathernetwork.com and thehill.com were all hit by a Malvertsing campaign that infected visitors with ransomware.
It did this by using the angler toolkit (a set of hacking tools) to exploit a vulnerability in the Silverlight plug-in to download a javascript which pulled down the ransomware.
These Malvertsing campaigns are getting much more sophisticated. The Adgholas Malvertsing campaign used steganography (the tactic of hiding information in images) and whitelists to allow the infection to bypass usual detection techniques. At its peak is was infecting over 1 million people per day.
So how do I stop it? As safe browsing habits aren’t enough to stop this threat you need to reduce your risk in other ways. The Malverts use scripts that often rely on plug-ins to run so disabling Flash, Java, Silverlight and others can stop them running when you visit the page. Another tactic is to keep your browser up to date to close any vulnerabilities that may be exploited.
