Malvertising Attacks

“Malvertising” comes from a combination of “malware” and “advertising”, and includes taking advantage of online advertisements to spread malware or divert users to malicious websites. It is a type of cyber-attack that injects malicious code into legitimate-looking online advertisements of well-known online publications or even on social media. Believing these to be genuine sites, internet users either load the webpage or click on the ad, which downloads malware onto their devices.
 
Malvertising is a significant problem worldwide and has acquired increasing prevalence across the web.

How does malvertising work?

The typical strategy for malvertisers begins with purchasing ad space from publishing networks and submitting clean advertisements for a while to gain authenticity. After a few weeks, criminals switch their legitimate ads for ones infected with malware, which get communicated across any number of sites a publisher or network is working with. 

These misleading ads can hamper a computer with malware in two ways:

A pre-click malvertisement can be implanted in the main scripts of the page. They can start drive-by-download on visiting the malvertising-loaded site. A drive-by-download is a download in which a user does not need to click on any link and start the download. When a user visits the webpage, the malware begins downloading automatically in the background.

For a post click malvertisement, it infects a computer when a user clicks on the ad to see the advertisement and the user is redirected to a malware-infected website.

Effects of Malvertising:

Personal Data Theft

Cybercriminals use malvertising to launch spyware on a device that gives personal data into the hacker’s hands. Malicious ads may also force the browser to redirect to spoofed sites that mimic legitimate ones as a method to deceive a user into giving up the login credentials or other information. Hackers might sell the stolen data on the dark web, where other criminals can use it in other fraudulent activities.

Financial Extortion

If an infected ad introduces ransomware on a computer, the hacker who planted it may execute an extortion attempt. Ransomware is a malicious software that locks a user out of his own files, so that the hacker can turn around and demand a ransom payment before providing access.

Types of Malvertising:

There are two main types of malvertising that one should be aware of. Both include the use of ads to host malware, but their methods of releasing the malware vary.

Drive-by Download

A drive-by download is a method where a harmful software is downloaded onto a person’s computer without them interacting with the page. By simply loading the webpage, they succumb to the attack. In the case of malvertising, if a fraudulent ad has infected the page, a user’s device will be infected as soon as they load it.

Click to Download

In a click to download situation, the user must interact with the ad for it to infect their device. These ads are made to mimic legitimate ones to deceive the person who lands on the page and lures them to click.

Malvertising Example:

COVID-19 Attack

In 2020, Internet Explorer users were aimed at, in a COVID-19-related malvertising attack. In the midst of great stress and feeling of dread towards the pandemic, cybercriminals changed their malvertising campaigns to include a fake warning notification about COVID-19.

How to Prevent Malvertising:

Malvertising is a type of cyberattack that can be challenging to detect and mitigate, but your chances of security are higher assuming you know what to look for. Here’s how you can appropriately prevent a malvertising attack.

Using a strong antivirus

Antivirus is the best first line of protection against a variety of online threats that sneak around the web, including malvertising and other forms of malware. With ongoing protection against malvertising downloads or installation attempts, this is perhaps the simplest way you can safeguard your data and devices.

Keep Software Up to Date

Numerous malvertising attacks depend on exploiting existing software vulnerabilities as a simple way to infect computer systems. When you update your software, you’re ensuring that any security weaknesses are taken care of and not left open to hackers.

Install an Ad Blocker

Advertisement blockers prevent ads from being shown on webpages and you can’t unintentionally click on a malware-infected ad if it never appears on your screen.
Knowing how malvertising attacks work and the warning signs to look for can help provide sufficient shield to your data and devices.
Share on twitter
Share on linkedin