Online ads have been around for a long time now, and they are one of the most powerful online revenue generators. On the internet, anything that can make income usually attracts the bad guys, and they have been known to be in this niche for also a long time. Over the period, malvertising was a not a big problem such as ransomware. But over the last few weeks into 2018, almost every internet user has cried foul due to a new wave of ads which are misleading, hard to close and malicious. Attackers have taken their activities a notch higher, and now these malicious ads are popping up in top-tier websites including websites which host news articles and important content which users can read. This new wave kames matters worse by redirecting you to multiple spammy sites with malicious content.
In a nutshell, malvertising is when attackers buy ad space in legit and popular websites with a lot of traffic and then load the spaces with all kinds of malware that can be viable online. Most of these loaded ads are intrusive; they just won’t stop popping up. Its harder for site publishers to notice them until its too late. This is because at the moment there’s no way to discern if anybody buying an ad space has malicious intent. Its also hard due to the complexities involved when one is trying to detect or weed out malicious ads – unlike in the print media where ad owners submit their ads to publishers directly, online ad spaces involve complex exchanges and intermediaries. This is the case that makes it possible for you to experience ads on top-tier websites.
Additionally, in online ad spaces, advertisers bid for rights to show ads to particular users, and bidding is done in real time. The target ads usually include a custom JavaScript code that will run in a user’s browser if it supports JavaScript execution. Since they are target ads, what users see depends on their location, who they are, what devices they are using to access a website among other factors. This combo makes it difficult for ad reviewers to filter out which ads contain malicious content. John Murphy, VP of marketplace quality says that “It allows them to precisely target users at scale, so they can precisely target users who have unpatched operating systems or browsers.” Murphy further adds that, “They can also target individual devices, and this also makes it very difficult to detect, because even if we do a high-level scanning on our side to ensure that the creatives are clean, unless we come up with the exact combination of characteristics they’re targeting, we’re not going to see the behavior.”
According to Chris Olson the CEO of The Media Trust,
“over the past two years, we have seen the amount of malware and mobile redirects, which might lead to malware, roughly double in the digital ad ecosystem.”
Media Trust is among the companies that provide security services for online publishers and ad providers. Other experts also say that the problem of intrusive and malicious ads worsens in the course of holiday and that the streak has not ended.
Malvertising impact
Despite the usual annoyance, malicious ads have a lot more to offer to unsuspecting users and even business. It all can be summed up in a single word, their result – losses and more losses. In most cases, malicious ads are used to redirect users to websites loaded with more malware disguised as updates. For instance, late last year ransomware was delivered to networks via a malicious ad which popped up as an adobe flash player update. In other cases, ads with custom JavaScript codes don’t contain any messages to users. Instead, they hijack your browsers or device in general and then perform mouse clicks or taps on other hidden ads. This is common nowadays, and most people have experienced this as soon as they open some web pages. i.e., you find other browser tabs/windows opened in the background. in this case, attackers generate their revenue using automated traffic (per clicks) from unsuspecting advertisers who think the traffic is from potential customers (legitimate).
For instance, a security team from a company known as GeoEdge did a series of analyzing ad campaign behavior and found out that malicious auto-redirect activities generate over $1 billion in losses for publishers and marketers, an increase from last year. According to security experts, fighting unscrupulous ads is a cat and mouse game just like other issues in the cybersecurity realm. Every time experts come up with a mechanism to detect malicious ads; attackers also have a solution to bypass them through there army of developers.
Also, in alongside the malicious ads, researchers have discovered a surge in scripts that are used to mine cryptocurrencies; crypto jacking. Using a website, attackers use the scripts to tap into your devices’ CPU and tap its power to do some complex calculation. If you notice your devices hangs for some time when you visit a certain website, there’s a probability that you have been crypto jacked.
How to avoid malvertising
As a user, you can take the following steps to prevent malicious ads from exploiting you and your device.
- Get a good antimalware and antivirus software. Most antivirus software doesn’t have the capabilities of protecting your device when you are online. To combat malvertising, you must have defenses that can block malicious ads and other forms of cyber-attacks.
- Install an ad blocker. An ad blocker is one of the best things that can zap out intrusive ads, at times, they are bad to advertisers as they also block ads that are not malicious. But as a protection measure, an adblocker is a must.
- Disable Java. If you don’t like watching YouTube videos and other stuff that relates to streaming, you don’t need java enabled on your browser. This is a platform which malicious ads utilize open other more ads. Also use few trusted plugins, the fewer plugins, the lesser malicious ads you will get.
- Update your browser and plugin. Updates are good news as they patch vulnerabilities and other security loopholes which malicious ads use. Outdated or unsupported plugins also provide a backdoor for malicious ads.
Other times, you can also use a VPN to avoid geo-targeted ads.