Blog

Sanjay Katkar
What is Malvertising and How to Stay Away from it?
June 21, 2016

How-to-Protect-yourself-from-malvertising

If anything, cybercriminals are an ambitious lot. They keep themselves busy in devising new methods to scam the Internet population. And malvertising is just one of their nefarious tricks. In this post, we will help you understand what is malvertising, how it works, and how you can protect yourself from it.

What is malvertising?
Derived from ‘malicious advertising’, malvertising is defined as the practice of infecting computers by using online ads and various types of malware. The following explanation on how malvertising works will help you understand it better.

How malvertising works?
Malvertising works by hiding malicious codes within online advertisements that are relatively safe. The infection triggered by malvertising mostly takes place in one of the following ways:

1. Infection that is user-initiated
In this type, the user is shown a pop-up ad that carries a message like “Your system has been infected with 50 viruses!” or “Download this software to clean your computer now!” and so on. This kind of social engineering (manipulating someone to gather sensitive information about them) technique tricks unsuspecting users into clicking on such ads.

2. Infection that occurs with the least user interaction
This type is scarier and more dangerous. Here, the user does not have to click on any ad or even interact with the website. Simply visiting the web page (loading the web page) triggers the malicious ad to get on it with its job. This is known as a drive-by download.

What happens in either of the above scenarios?
In either way, the malicious ad downloads an exploit kit in the user’s computer. This exploit kit sniffs the infected system for security vulnerabilities (security weaknesses/flaws) and installs malware that can take advantage of any security flaw that is found. For instance, the exploit kit finds a security flaw in the web browser. Systematically, it drops a malware that can take advantage of this flaw, finally letting other malware get into the system. These malware could be spyware, keyloggers, and even a ransomware.

“Security vulnerabilities are mostly found in outdated versions of Java, Adobe, browser plugins, and Operating Systems.”

It is important to understand that websites hosting malicious ads are not always infected themselves. In the past, reputed sites like The New York Times, MSN, the BBC, and Yahoo were reported to unknowingly spreading malvertising.

How to protect yourself from malvertising?

• Keep all programs patched and up-to-date. Malvertising feeds on security vulnerabilities. And outdated versions of almost any software contains potential vulnerabilities. Applying all recommended security updates and putting automatic updates to ON is the most effective way to reduce the risk of malvertising attacks.

• Avoid downloading software or any type of files (music, video, games, etc.) from websites that serve a lot of ads or seem to have a low reputation. Check the safety rating of such sites on websites such as https://www.virustotal.com/

• To reduce the risk of drive-by downloads, set your browser plugins to click-to-play. When enabled, this feature forces a web page to take your permission before loading a plugin. This way you can cut the chance of a self-triggering malicious ad to exploit a flaw in your browser. This guide shows how this is done for Google Chrome, Internet Explorer, Firefox, Safari, and Opera.

• Install a trusted ad-blocker plugin on your browser. As the name suggests, the plugin disables ads from running on the websites you visit. Note that, doing this won’t block malvertising completely. Also, ad blockers might block content that is actually required, like certain sections on an airline website. So, it is important to know how to use ad blockers properly.

• Disable Flash and Java plugins; these are often targeted by cybercriminals for their security vulnerabilities. And uninstall any browser plugin that you don’t use. Read this guide on how to disable and uninstall plugins.

• Install a trusted antivirus software. This will reduce more than half the risks of malvertising attacks. Keep it up-to-date and always ON so that it can detect and stop the download of exploit kits and cut the process that follows it. More importantly, antivirus programs can help you stop drive-by downloads, which are in fact, the biggest concern here.

While there is no silver bullet for malvertising, there is a lot you can do to reduce its risks and keep your computer protected. If you have come across malvertising, share your story in the comment section below.

References:
http://www.tomsguide.com
http://www.makeuseof.com
http://www.forbes.com

Have something to add to this story? Share it in the comments.

Sanjay Katkar
About Sanjay Katkar
Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of Quick Heal Technologies Limited. He holds a Masters in Computer Science from University...
Articles by Sanjay Katkar »

12 Comments

Your email address will not be published.

CAPTCHA Image

  1. anwar kamal pashaJune 24, 2016 at 12:51 AM

    what is malvertising please given me ditel

    Reply
    • Rajib Singha Rajib SinghaJune 25, 2016 at 3:18 PM

      Hi Anwar,

      When clicking on an online ad causes your computer to get infected by a virus, it is known malvertising. This post has explained this in detail. Kindly spare some time reading it.

      Regards,

      Reply
  2. anti virus is not updat proparely please update me anti virus put in computer than my computer is process is very sloy

    Reply
  3. amaN GARGJune 24, 2016 at 8:43 PM

    very very best antivirs
    ]

    Reply
  4. Softatic is also a a malver site it cotain virus so do not poen this site

    Reply
  5. Pravendra SinghJune 26, 2016 at 9:53 PM

    Hii there! I read the guide about how to disable installed plugins, but do not know which plugins to disable. If you can, pls pls pls help me.

    Reply
  6. aleem akhtar khanJune 27, 2016 at 3:00 PM

    guardian is a best anti virus

    Reply
  7. Hey Guys!!
    yesterday I got a suspicious imo call from an unknown user on my mobile phone. But unfortunately I received it in reflex but it hung up immediately. When I checked for the mobile no. I was stunned seeing that there was no mobile no associated with the name. So I immediately blocked that unknown user and reset my mobile. Now what should I do? Is there any possibility that my phone or SIM card has been cloned? If yes then what should I do?
    Regards

    Reply
  8. bsingha924@gmail.comJanuary 21, 2017 at 6:06 PM

    sir , i sent money no HDFC bank for renew Guardian NetSecure but i have many call your call centre but any one not give right information kindly check it…………

    Reply
    • Rajib Singha Rajib SinghaMarch 17, 2017 at 12:37 PM

      Hi,

      Thanks for writing in. Our Renewal Team is looking into this and they will connect with you to help you out.

      Regards,

      Reply