If not redirected, please click here https://www.thesecuritybuddy.com/malware-prevention/what-is-malvertising/
Today many websites earn revenue by
displaying online-advertising in the websites. And, the sad part is, attackers are taking
advantage of that to spread malware to computers.
Normally, websites outsource the ad
contents to their pages to third-party ad networks.
Online advertisements keep changing on the pages. So, if one advertisement of them is a malware, it will be very difficult to find that out. But, that would be enough for infecting a computer. And the attackers exploit this opportunity in Malvertisements.
Online advertisements keep changing on the pages. So, if one advertisement of them is a malware, it will be very difficult to find that out. But, that would be enough for infecting a computer. And the attackers exploit this opportunity in Malvertisements.
In Malvertising, attackers inject malware-laden online advertisements into legitimate online
advertising networks and webpages. Malvertisings are normally very
attractive and it is very difficult to differentiate them from
legitimate online advertisements. So, they can easily spread across a
large number of legitimate websites.
Malvertising is fairly new concept of
spreading malware. Normally, they can bypass firewalls and do not
need user clicks to infect his computer.
How do Malvertisements infect a computer ?
Malvertisements can infect a computer
pre-click or post-click. A pre-click Malvertisement can be embedded
in main-scripts of the page. They can even initiate drive-by-download
on visiting the malvertising-laden website.
A drive-by-download is a download
which a user initiates without knowing the consequence. It can even
happen without the user's knowledge on visiting the website.
For a post-click Malvertisement, it
infects a computer when a user clicks on the ad to see the
advertisement, but instead is redirected to a malware infected
website. And those malware infected websites trick a user to copy
malware normally disguised in a flash file.
The first recorded Malvertisement was
reported in late 2007 or early 2008 and it exploited a security
vulnerability of Adobe Flash affecting a number of platforms
including MySpace, Excite and Rhapsody. Since then, Malvertising has
continued unabated and affected many computers.
How to prevent Malvertising ?
We can take a few steps which can
reduce the possibility of our computer getting affected to a large
extent.
- Update your browser whenever new patches are available. Modern browsers like Internet Explorer 9 or Google Chrome include some security advances which can make attacks much more difficult.
- Update commonly used programs like Adobe Flash Player or Adobe Reader whenever new patches are available. Sometimes attackers exploit their security flaws to spread malware. With regular patches these security flaws will be minimized.
- You can enable Click-to-Play Plugins. This will disable autoplaying of Flash or java-object. It won't automatically run unless you click on it.
- You can use MalwareBytes Anti-Exploit. It monitors your web browser and blocks potential Malvertisements.
- Disable or uninstall plug-ins which you are not using anymore. This will disable the attackers from exploiting it.
- Keep your plug-ins up-to-date with recent security patches.
This was an introductory article on
Malvertising, just to keep you informed about the malware and how to
combat it. Hope it has helped you.
No comments:
Post a Comment