Security Vulnerabilities In Advertising
Bad guys never quit trying to be bad guys. For as long as there have been personal computers, we have had to put up with viruses, malware, spam, and a host of other carefully created annoyances whose danger level ranges from mild to catastrophic.
We can now add malvertising to this list – a technique by which ads containing malware appear on otherwise trustworthy mainstream sites, and which burrow into a user’s PC.
The creators of these false ads capitalize on an essential open market in which any given page, such as belonging to a legitimate news site or search tool, makes space available for an ad, but the ad itself is customized to the specific viewer, by any combination of variables, such as country, browser software used, or search terms used. As Bromium’s Rahul Kashyap writes in Wired, “an attacker wishing to go after U.S. federal government employees, for example, could rig a malicious ad that only appears when major ad networks see someone in the U.S. using an older version of Internet Explorer (IE) on Windows XP, for example and typing “extended support for Windows XP government” or “government travel allowance” into a search engine. Similarly, an attacker looking to compromise certain high value victims can emplace malicious ads configured to appear in front of attorneys, scientists or other individuals who might be keyword-searching hotel rates at sensitive industry conferences or other gatherings.”
The Good And Bad Guys!
According to security specialists, Bullguard, there are two types of malvertising methods:
The first involves the placement of “clean” ads on trusted sites, leaving them there to gain a “good reputation”. Later, the bad guys “insert a virus or spyware in the code behind the ad, and after a mass virus infection is produced, they remove the virus. In this case, because the ad network infrastructure is very complex with many linked connections between ads and click-through destinations, the criminals’ identity can hardly be traced.”
The second approach turns “legitimate ads into malicious ads is by hacking trusted sites and injecting viruses into banner ads. Usually, the next day – after the harm’s been done – they’re gone.”
According to the Online Trust Alliance, these ads comprise fewer than one percent of all online ads, but due to the nature by which they propagate, their destructive power is easily magnified. Mobile devices are particularly at risk, due to their propensity to bypass traditional malware detection methods.
Among the suggestions put forth by Bullguard for avoiding getting caught by these false ads: keep your antivirus software up to date, don’t click on any pop-up ads or surveys, and be extra careful on weekends, “when IT resources are low and attacks are less likely to be noticed.”
(Image Source: Shutterstock)
By Steve Prentice