Thursday, December 17, 2015

What is Malvertising ?

Today many websites earn revenue by displaying online-advertising in the websites. And, the sad part is, attackers are taking advantage of that to spread malware to computers.

What is Malvertising and how is Malvertising perpetrated ?

Normally, websites outsource the ad contents to their pages to third-party ad networks.

Online advertisements keep changing on the pages. So, if one advertisement of them is a malware, it will be very difficult to find that out. But, that would be enough for infecting a computer. And the attackers exploit this opportunity in Malvertisements.

In Malvertising, attackers inject malware-laden online advertisements into legitimate online advertising networks and webpages. Malvertisings are normally very attractive and it is very difficult to differentiate them from legitimate online advertisements. So, they can easily spread across a large number of legitimate websites.

Malvertising is fairly new concept of spreading malware. Normally, they can bypass firewalls and do not need user clicks to infect his computer.

How do Malvertisements infect a computer ?

Malvertisements can infect a computer pre-click or post-click. A pre-click Malvertisement can be embedded in main-scripts of the page. They can even initiate drive-by-download on visiting the malvertising-laden website.

A drive-by-download is a download which a user initiates without knowing the consequence. It can even happen without the user's knowledge on visiting the website.

For a post-click Malvertisement, it infects a computer when a user clicks on the ad to see the advertisement, but instead is redirected to a malware infected website. And those malware infected websites trick a user to copy malware normally disguised in a flash file.

The first recorded Malvertisement was reported in late 2007 or early 2008 and it exploited a security vulnerability of Adobe Flash affecting a number of platforms including MySpace, Excite and Rhapsody. Since then, Malvertising has continued unabated and affected many computers.

How to prevent Malvertising ?

We can take a few steps which can reduce the possibility of our computer getting affected to a large extent.

  • Update your browser whenever new patches are available. Modern browsers like Internet Explorer 9 or Google Chrome include some security advances which can make attacks much more difficult.
  • Update commonly used programs like Adobe Flash Player or Adobe Reader whenever new patches are available. Sometimes attackers exploit their security flaws to spread malware. With regular patches these security flaws will be minimized.
  • You can enable Click-to-Play Plugins. This will disable autoplaying of Flash or java-object. It won't automatically run unless you click on it.
  • You can use MalwareBytes Anti-Exploit. It monitors your web browser and blocks potential Malvertisements.
  • Disable or uninstall plug-ins which you are not using anymore. This will disable the attackers from exploiting it.
  • Keep your plug-ins up-to-date with recent security patches.

This was an introductory article on Malvertising, just to keep you informed about the malware and how to combat it. Hope it has helped you.

No comments:

Post a Comment