“Malvertising”, short for “malicious advertising”, is the use of online advertising to spread malware. It works by inserting malicious or malware-laden advertisements into legitimate online advertising networks and webpages. Malvertising is an attractive tool for attackers because they can easily reach a large number of legitimate websites without directly compromising those websites.
Malvertising is a relatively new method for spreading malware and is extremely difficult to combat because it can work its way into a webpage and spread through a system without the user's knowledge. Most of the time, an infection delivered through malvertising does not require any user action (like clicking) to compromise the system, and it does not exploit any vulnerabilities on the website or the server it is hosted from. The infections silently travel through webpage advertisements. Attackers have a very wide reach and are able to deliver these attacks easily through advertisement networks. Companies and websites have, so far, found it difficult to reduce the number of malvertising attacks, which suggests that attacks of this nature are not likely to disappear soon.
Malware can also auto-run, using features like auto-redirects (where the user is automatically taken to a different site). A user clicks on the ad to visit the advertised site and is instead directly infected or redirected to a malicious site. These sites trick users into copying viruses or spyware, usually disguised as Flash files. Redirection is often built into online advertising, and this method for spreading malware is often successful because users expect a redirection to happen when clicking on an advertisement.
Types of Malvertising
By visiting websites that are affected by malvertising, users are at risk of infection. There are many different methods used for injecting malicious advertisements or programs into webpages. Below are just a few:
- Paid Ads using Google AdWords
- Drive-by downloads
- Hidden iframes
- Pop-up ads for deceptive downloads
- Malicious banners on websites
We will provide more information on these different types of malvertising over the coming weeks.
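For site owners who want to review third-party ad markup before it reaches visitors, here is a small static check for two of the techniques named above: hidden iframes and automatic redirects. It is an added example, not code from the original article; the function and class names, the hiding heuristics, and the sample creative with its `.example` hosts are all constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Inline styles that hide an element from the user (heuristic, not exhaustive).
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden"
    r"|(?<![-\w])(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)"
    r"|(?:left|top)\s*:\s*-\d{3,}",
    re.IGNORECASE,
)
REFRESH_URL = re.compile(r"url\s*=\s*['\"]?([^'\";]+)", re.IGNORECASE)


class AdMarkupScanner(HTMLParser):
    """Records hidden iframes and meta-refresh redirects found in ad markup."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "iframe":
            # 0x0 or 1x1 frames, the `hidden` attribute, or a hiding style.
            tiny = any(a.get(d, "").strip() in ("0", "1") for d in ("width", "height"))
            if tiny or "hidden" in a or HIDDEN_STYLE.search(a.get("style", "")):
                self.findings.append(("hidden-iframe", a.get("src", "")))
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            m = REFRESH_URL.search(a.get("content", ""))
            if m:
                self.findings.append(("meta-refresh", m.group(1).strip()))


def scan_ad_markup(html):
    """Return a list of (finding_type, url) tuples for one ad creative."""
    scanner = AdMarkupScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample creative: one visible frame, two hidden frames, one auto-redirect.
SAMPLE_CREATIVE = """
<div class="ad-slot">
  <iframe src="https://ads.example/frame.html" width="300" height="250"></iframe>
  <iframe src="https://redirector.example/gate" width="1" height="1"></iframe>
  <iframe src="https://redirector.example/px" style="position:absolute; left:-9999px"></iframe>
  <meta http-equiv="refresh" content="0; url=https://redirector.example/next">
</div>
"""

if __name__ == "__main__":
    for kind, url in scan_ad_markup(SAMPLE_CREATIVE):
        print(f"{kind}: {url}")
```

A check like this only sees static markup; frames or redirects created by script at render time need inspection in a browser sandbox instead.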