Malicious Advertising (Malvertising) is used to online advertising to spread malware. Malvertising is a big business but there is a little oversight and it is least understood online threat today. Website publishers may not know the advertising on their sites is used for malicious intent. Malvertising accounts for huge amounts of cyber fraud and identity theft. Malvertising is a good tool to attackers because it can be reached by a large number of users easily through trustworthy companies websites. I believe there needs to be consensus on who is responsible addressing these threats.
Malvertising exploits the outdated version of applications like Java, Flash Player, and Silverlight to install malicious programs. Recently popular websites like the Huffington Post, Yahoo News, AOL, TMZ and many other were being hit with Malvertising called Neutrino Exploit Kit (Seals, 2015). The website visitors presented with advertisements that infected their computers with ransomware. Computer owners were locked down and money was demanded to get back control of their devices. The surprising with this Malvertising was that users didn't even have to click on advertisements, computers were infected just visiting the websites. It was generating an estimated US$25,000 per day for the attackers (Huang, 2014). We will see more Malvertising issues in coming years since no one is taking responsible for stopping these threats.
Malvertising is hard to protect but website owners with advertising companies can help t reduce the risk. Website owners should work closely with third-party advertising delivery companies regarding what is advertised on their websites. They should only allow advertisements that click to pay. They should also use infection monitoring and detecting solutions to protect their website visitors (Zalvaris, 2015). Their best interest should be to protect their website visitors rather than making money for long-term company viability.
References:
- Seals, T. (Jan 8, 2015). Malvertising Campaign Affects 1.8 Billion <<< InfoSecurity. Retrieved from http://www.infosecurity-magazine.com/news/malvertising-campaign-affects-18/
- Zavlaris, P. (Jan 16, 2015). The Truth About Malvertising <<< dark reading. Retrieved from http://www.darkreading.com/vulnerabilities---threats/the-truth-about-malvertising---/a/d-id/1318641?
- Huang, W. (Oct 22, 2014) . Malware in Ad Networks Infects Visitors and Jeopardizes Brands <<< Proofpoint threat insight. Retrieved from http://www.proofpoint.com/threatinsight/posts/malware-in-ad-networks-infects-visitors-and-jeopardizes-brands.php
No comments:
Post a Comment