- About Us
- IT Services
- IT Security
- Cloud Services
- Who We Help
- Contact Us
The first recorded event of Malvertising was in late 2007 from a vulnerability found in Adobe Flash. Back then, platforms like Excite, Rhapsody, and Myspace did not know or realize they had exposed their visitors to this cyberattack.
Since then, Malvertising has continued showing up on sites like Yahoo, eBay, Spotify, and many more. In today’s video, Blake Schwank, CEO of Colorado Computer Support, has followed recent news events uncovered by Malwarebytes.
“Malvertising” is another term for malicious advertising. It is an upgraded form of a cyberattack where malicious code gets inserted into digital advertising. More specifically, it refers to digital ads, like AdWords, typically seen at the top of search engine results.
These harmful ads target the public and sit in plain sight, undetected. What makes these ads so highly effective is the difficulty level of detection. They look like an average ad. But, neither ad publishers nor internet users can quickly or easily spot them when they first see them.
Malvertising is a well-designed legitimate-looking ad like AdWords with malicious code inserted into it. The advertisement directs an unsuspecting user to visit a website or download a malicious link where malware like a trojan virus or computer worm resides.
Another malvertising attack technique has an altered ad that only needs to load to cause significant harm to a business or organization’s system. That drive-by download does not require any links to click or download.
In 2016, Malvertising found its way into many famous and popular publishers’ worlds. Through the use of Google, AppNexus, AOL, and Rubicon. Two rogue domains, TALK915.PW and TRACKMYTRAFFIC.BIZ spread their malicious activities.
The malware was sent through multiple advertising networks and used several vulnerabilities. When the infected advertisement got to users, they redirected the page to servers hosting the malware. That unleashed the widely-used Angler exploit kit popular with cybercriminals back then.
Unfortunately, these were the famous publishers affected by this malvertising campaign fiasco. MSN.com, NYTimes.com, BBC.com, AOL.com, NFL.com, Realtor.com, my.xfinity.com, theweathernetwork.com, thehill.com, and newsweek.com.
Consumers and publishers are always at risk and vulnerable. Malvertising remains an extremely difficult cyberattack to detect and avoid. That’s due to the vast amount of continuously created digital ads and how quickly they circulate within digital ad exchanges.
Publishers cannot directly oversee each ad’s verification and assessment process. And unfortunately, cybersecurity experts can’t identify which is or isn’t a malicious ad. That’s because websites rotate advertisements continuously.
It’s a good reminder. Don’t trust ads. Don’t click on things on the internet. Instead, type it into your address bar or go to the actual search results that show up down below the ads. It’s just like advertising you’ve seen on television. You never know what you’re going to get.
Malware prevention protects your organization’s IT system and network. To prevent malware attacks, always keep your computer and software updated. Never trust pop-up windows. And always use robust antivirus software. Think twice before clicking on any links.
Our Colorado Computer Support cybersecurity specialists are always available to help you if your system becomes infected. Before that happens, contact us today or call (719) 310-3035 to strengthen your infrastructure.