At a Glance – Malvertising
Smart malicious software can be hidden in innocuous looking ads
This month, cybersecurity firm Proofpoint uncovered that millions of Pornhub users had been targeted by malicious software embedded in what looked like legitimate ads. The group behind the attack, KovCoreG, used a technique called Malvertising to trick users into unwittingly installing malware.
Malvertising stands for malicious advertising, and involves hiding code in legitimate ads and then paying popular online ad networks to display them. With 26 billion annual visits in 2016, Pornhub was a fantastic choice. What’s more, the site’s users were less likely to own up to being part of the attack to save face, therefore maximising its potential reach.
Most of the time, the ad networks who display the infected ads are unaware of their harmful content. Because so many ads are submitted, it’s almost impossible to inspect each one in detail. Big networks also use third party vendors to deal with ad display, which adds another layer to the already opaque process. Once a computer is infected, cybercriminals can access the entire system – including the sensitive data within it. In 70 per cent of cases, Malvertising leads to ransomwear attacks which demand payment for the return of functionality or information. The rise of this exploitative method represents ever evolving cybercrime techniques. In the face of this invisible threat, consumers are likely to become even more suspicious of ad campaigns. . . But perhaps this is a good thing, as it could catalyse change in the industry.
In many cases the way to avoid cybersecurity breaches is to practise sensible internet use. This includes avoiding any suspicious links and sticking to verified sites. The problem is, you don’t even have to click on the ads for them to infect your computer or any other personal device, and cybercriminals prefer to use high traffic, trusted sites. Nonetheless, there are steps that can be taken to lessen the chance of attack. This includes updating software, disabling flash where possible, installing ad blockers and closing browsers when not in use or investing in anti-exploit programs.