Cybersecurity Insight

Warning: Malvertising Is Infecting Your Network

2 Aug

Malvertisements hide in plain sight throughout the Internet, their unassuming and indistinguishable nature making them all the more lethal to users across the World Wide Web – sometimes the only interaction needed is to land on an otherwise nondescript webpage. And while researchers recently uncovered and killed the longest-running malvertising campaign to date, many wonder what else is out there and how much more damage will be done.

Undetected since October 2015, the AdGholas discovery is making waves due to its stealth nature and groundbreaking operation. The group behind the malvertising programs managed to attract anywhere from one to five million hits on the host sites per day while just using 100 ad exchanges. Ultimately 10-20% of computers that loaded the malvertisements were redirected to servers hosting exploit kits (they use the security holes found in software applications to spread malware), essentially hitting one million computers every day and infecting thousands.

AdGholas’s selective malvertising campaign allowed it to languish for so long – the machines manned by security researchers or ad networks intent on discovering these attacks were filtered from those who interacted with the advertisements. Then, the victims were sent attacks in accordance with their location. And to add just one more layer of intrigue, AdGholas is the first group to use steganography – hiding code inside images – in a malvertising campaign, making it that much more unique and deadly to any computer that comes in contact.

Use common sense judgment to navigate potential malvertising pitfalls – though many globally trusted sites have guidelines regarding questionable advertising, other sites may not have these precautionary measures. Stay ahead of security threats with continuous monitoring and management, proactive prevention, rapid response, and investigation of root causes; these skills can be provided by internal or external cyber security protection teams. Better knowledge means better protection when combined with comprehensive tools to defend your networks, data, devices, web traffic, applications, and more.