Definition
Malvertising is a portmanteau of ‘malicious’ and ‘advertising’. It is the use of online advertising to steal data and install malware on victims’ devices.
How Malvertising Works
- The attacker creates a genuine-looking, attractive ad and conceals malicious code in it.
- They then hack a popular website or create a fake version of a well-known site to place the malicious ad.
- An innocent person clicks the ad.
- They are redirected to another website or server, where their device is infected with malware.
Examples of Malvertising
- Angler Exploit Kit: This malvertising attack automatically sent visitors to a harmful website where an exploit kit targeted vulnerabilities in popular browser plug-ins, such as Oracle Java, Adobe Flash, and Microsoft Silverlight.
- RoughTed: This malvertising attack bypassed ad blockers and antivirus programs through dynamic URLs.
Malvertising History
- Late 2007 and early 2008: The first instance of malvertising exploited a vulnerability in Adobe Flash, affecting various popular platforms, including MySpace. It marked the end of MySpace, a once-popular social media platform.
- 2009: The New York Times website published a malicious ad that recruited computers into a vast botnet of malware-infected devices. Site visitors were bombarded with ads claiming their systems were infected, luring them into installing malicious security software on their computers.
- 2010: Malvertising became widespread across the internet, with billions of display ads carrying malware across thousands of sites.
- 2011: Spotify was affected by a drive-by download malvertising attack.
- 2012: The Los Angeles Times was hit with a massive malvertising attack, infecting users through drive-by downloads.
- 2013: Yahoo.com was hit with a malvertising attack, affecting over 6.9 billion monthly visitors.
- 2014: Malvertising significantly increased, affecting Google DoubleClick and Times of Israel.
- Today: Malvertising attackers have gotten creative, using sophisticated techniques to bypass security measures and infect devices.
Methods Attackers Use to Insert Malware Into Ads Include
- Malware in ad calls: When a website shows a page with an ad, the ad exchange delivers the advertisement via a third-party server. Hackers can hijack these servers and insert harmful code into the ad payload.
- Malware-injected post-click: Malicious code is delivered after users click on an ad, redirecting them to a compromised site.
- Malware in ad creative: Malicious code is embedded directly within the ad’s content, e.g., scripts or images.
- Malware within a pixel: Malicious code is concealed in the tracking pixels that ads use to collect data, infecting users when the pixel is loaded.
- Malware within video: Malicious code is embedded into video ads, infecting devices if users play the video.
- Malware in Flash video: Malicious code is inserted into Flash-based video ads, exploiting Flash vulnerabilities to deliver malware.
- Malware on landing pages: Once users click an ad, they are redirected to a landing page containing malicious software that infects their system.
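Several of these methods leave traces in the ad markup itself, so a publisher or ad-operations team can audit a creative before it is served. The following is an added example, not code from the original page: a static check that flags content loaded from unapproved hosts, pixel-sized iframes, and script that navigates the page without a click. The allow list, host names, function names and heuristics are assumptions chosen for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed for this example: hosts the publisher has approved for ad content.
ALLOWED_HOSTS = {"cdn.adnetwork.example", "advertiser.example"}
# Script that navigates the page without a click (assignment, not comparison).
FORCED_NAV = re.compile(r"\b(?:top|parent|window)\.location(?:\.href)?\s*=(?!=)"
                        r"|\blocation\.(?:replace|assign)\s*\(")

class CreativeAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self._in_script = [], False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        self._in_script = self._in_script or tag == "script"
        # Ad calls, pixels and frames should only load from approved hosts.
        if tag in ("script", "iframe", "img") and a.get("src"):
            host = urlparse(a["src"]).hostname
            if host and host not in ALLOWED_HOSTS:
                self.findings.append(("unapproved-host", f"{tag} -> {host}"))
        # A pixel-sized or invisible iframe has no display purpose in an ad.
        style = a.get("style", "").replace(" ", "").lower()
        if tag == "iframe" and (a.get("width") in ("0", "1")
                                or a.get("height") in ("0", "1")
                                or "display:none" in style):
            self.findings.append(("hidden-iframe", a.get("src", "")))

    def handle_endtag(self, tag):
        self._in_script = self._in_script and tag != "script"

    def handle_data(self, data):
        if self._in_script and FORCED_NAV.search(data):
            self.findings.append(("forced-navigation", data.strip()[:60]))

def audit(creative_html):
    parser = CreativeAudit()
    parser.feed(creative_html)
    parser.close()
    return parser.findings

# Constructed sample creatives, not captured from any real campaign.
CLEAN_AD = ('<a href="https://advertiser.example/sale">'
            '<img src="https://cdn.adnetwork.example/banner.png"></a>')
SUSPICIOUS_AD = ('<img src="https://cdn.adnetwork.example/banner.png">'
                 '<iframe src="https://tracker.invalid/p" width="1" height="1"></iframe>'
                 '<script>top.location.href = "https://landing.invalid/";</script>')
```

A static check like this only sees what is in the markup at review time; code that the ad fetches or changes after approval needs runtime controls as well.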
How to Prevent Malvertising
- Stay vigilant: Avoid clicking on online ads. If you see an interesting ad, open a separate window and search for the advertised product or service.
- Update: Always ensure your browser and security software are up to date to prevent hackers from exploiting known vulnerabilities.
- Install an ad blocker: Use a reliable ad blocker to prevent ads that may carry malicious code or redirect you to harmful sites.
- Configure a VPN: Use a VPN to protect your data and block malicious websites.