If anything, cybercriminals are an ambitious lot. They keep themselves busy in devising new methods to scam the Internet population. And malvertising is just one of their nefarious tricks. In this post, we will help you understand what is malvertising, how it works, and how you can protect yourself from it.
What is malvertising?
Derived from ‘malicious advertising’, malvertising is defined as the practice of infecting computers by using online ads and various types of malware. The following explanation on how malvertising works will help you understand it better.
How malvertising works?
Malvertising works by hiding malicious codes within online advertisements that are relatively safe. The infection triggered by malvertising mostly takes place in one of the following ways:
1. Infection that is user-initiated
In this type, the user is shown a pop-up ad that carries a message like “Your system has been infected with 50 viruses!” or “Download this software to clean your computer now!” and so on. This kind of social engineering (manipulating someone to gather sensitive information about them) technique tricks unsuspecting users into clicking on such ads.
2. Infection that occurs with the least user interaction
This type is scarier and more dangerous. Here, the user does not have to click on any ad or even interact with the website. Simply visiting the web page (loading the web page) triggers the malicious ad to get on it with its job. This is known as a drive-by download.
What happens in either of the above scenarios?
In either way, the malicious ad downloads an exploit kit in the user’s computer. This exploit kit sniffs the infected system for security vulnerabilities (security weaknesses/flaws) and installs malware that can take advantage of any security flaw that is found. For instance, the exploit kit finds a security flaw in the web browser. Systematically, it drops a malware that can take advantage of this flaw, finally letting other malware get into the system. These malware could be spyware, keyloggers, and even a ransomware.
“Security vulnerabilities are mostly found in outdated versions of Java, Adobe, browser plugins, and Operating Systems.”
It is important to understand that websites hosting malicious ads are not always infected themselves. In the past, reputed sites like The New York Times, MSN, the BBC, and Yahoo were reported to unknowingly spreading malvertising.
How to protect yourself from malvertising?
• Keep all programs patched and up-to-date. Malvertising feeds on security vulnerabilities. And outdated versions of almost any software contains potential vulnerabilities. Applying all recommended security updates and putting automatic updates to ON is the most effective way to reduce the risk of malvertising attacks.
• Avoid downloading software or any type of files (music, video, games, etc.) from websites that serve a lot of ads or seem to have a low reputation. Check the safety rating of such sites on websites such as https://www.virustotal.com/
• To reduce the risk of drive-by downloads, set your browser plugins to click-to-play. When enabled, this feature forces a web page to take your permission before loading a plugin. This way you can cut the chance of a self-triggering malicious ad to exploit a flaw in your browser. This guide shows how this is done for Google Chrome, Internet Explorer, Firefox, Safari, and Opera.
• Install a trusted ad-blocker plugin on your browser. As the name suggests, the plugin disables ads from running on the websites you visit. Note that, doing this won’t block malvertising completely. Also, ad blockers might block content that is actually required, like certain sections on an airline website. So, it is important to know how to use ad blockers properly.
• Disable Flash and Java plugins; these are often targeted by cybercriminals for their security vulnerabilities. And uninstall any browser plugin that you don’t use. Read this guide on how to disable and uninstall plugins.
• Install a trusted antivirus software. This will reduce more than half the risks of malvertising attacks. Keep it up-to-date and always ON so that it can detect and stop the download of exploit kits and cut the process that follows it. More importantly, antivirus programs can help you stop drive-by downloads, which are in fact, the biggest concern here.
While there is no silver bullet for malvertising, there is a lot you can do to reduce its risks and keep your computer protected. If you have come across malvertising, share your story in the comment section below.