[BreachExchange] Malvertising Targets Your Online Users

Audrey McNeil audrey at riskbasedsecurity.com
Mon Apr 24 18:48:55 EDT 2017


https://www.cybersecurityintelligence.com/blog/malvertising-targets-
your-online-users-2250.html

Before clicking an online ad, make sure your users think twice. Malicious
advertising, more commonly known as Malvertising, has been popping up
everywhere.

Some of the most popular websites, such as Huffington Post, eBay, Forbes
and Yahoo, at one point or another have unwittingly hosted malicious ads.

Malvertising is designed to spread malware when a user clicks on an ad. If
a virus, worm, Trojan or some other type of malware like ransomware gets
into your network through malicious advertising, it could disrupt your
business for hours or days or longer or abscond with your valuable data.

Malvertising is tough to identify. Malware authors hijack legitimate online
advertising systems to insert their own malware-filled ads into websites.
Anytime malware is hidden inside a legitimate application, it’s much harder
to detect.

That explains why Malvertising has become a $1 billion cyber-criminal
enterprise. It’s easy to trick users to click, and it doesn’t cost much to
create the fake ads. It costs less than $1 per 1,000 targeted users to
create a malicious ad.

Clicking on a malicious ad can lead to the types of damage common to
malware infections – stolen data, altered files, identity theft and
financial loss. In some cases, it can turn your machine into a bot to
propagate malware or execute a DDoS (distributed denial of service) attack.

That’s bad enough of course, but Malvertising delivers the added bonus of
also hurting advertisers and the publishers they pay to run the ads. As
explained by Forbes: “Lost ad dollars starve digital publishers of
much-needed revenue and marketers of money intended to drive sales. Both
phenomena result in diminished economic output and employment.”
Malvertising is responsible for more than $200 million in lost ad revenue.

How Malvertising Works

Malvertising spreads infections in a couple of ways, tricking users into
clicking an ad or pop-up warning and drive-by downloads. With ads, users
are redirected to a website hosting malicious code instead of the
advertiser’s site.

The first with pop-up warnings, for example, a fake alert about a computer
infection appears on your screen. The alert contains a link to download the
“fix.”

The second Malvertising method requires no work on the user’s part. A
machine gets infected through a drive-by download when a user visits a site
with malicious ads. Drive-by downloads are imperceptible to the user and
install malware that causes disruption or steals valuable information.

Protect Your Business

Because Malvertising disguises itself as legitimate ads or pop-up warnings,
it creates a challenge for businesses to prevent users from infecting their
machines. But there are steps you can take to minimize the threat.

One obvious step, which applies in all cyber-security situations, is to
always update all business systems and software. Outdated applications,
plugins and operation systems often have vulnerabilities that
cyber-criminals can easily exploit. Be sure to also update your browsers
regularly and take advantage of built-in security features such as pop-up
blockers and malware protection.

Lastly, you should implement a comprehensive, up-to-date endpoint security
solution with built-in behavior analysis. Advanced analysis features can
flag suspicious code by looking for traits often found in malware.

As we’ve explored in earlier blogs about exploits, phishing, mobile threats
and browser security, small businesses have to secure their businesses on
many fronts. Malvertising is one of many cyber threats your business has to
contend with.

By taking these security steps, you boost your chances of avoiding a
Malvertising hit.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170424/c3e7fb07/attachment.html>


More information about the BreachExchange mailing list