What Is Malvertising? | The Plague Of Online Ads
16 February 2017 00:00
The infestation of Malvertising is an attack on the lifeblood of the internet as we know it, with the growing number of malicious online advertisements threatening to disrupt the industry as a whole.
A recent study by RiskIQ found that malvertising grew by 132% in 2016 - a massive percentage higher than that of legitimate online advertising. These attacks are delivered through ad networks, such as Facebook and Google, and breed ransomware, malware, scams, and redirect users to phishing pages.
The extensity of the malvertising plague can be found in these figures:
- 1,978.95% increase in redirections to phishing pages
- 845% increase in scam detections
- 58% increase in scamware and browser lockers
- 25.8% increase in malicious distribution systems
Cyber criminals have a number of ways they can attack users, ranging from social engineering all the way to cloaking their malicious code before real-time bidding, and before advertising space has even started.
Now, it’s alarming enough for people to be oblivious to attacks, but it is even more worrying when ad networks are not able to anticipate incidents or even detect them. This has allowed attackers in the past to serve malicious ads through top networks without being detected, for days, weeks and even months at a time.
The profit-driven and complex nature of online advertising can often be its downfall and, just maybe, the reason why it will continue to be increasingly targeted. Websites and successful blog sites are competing for revenue. Legitimate online advertisers are becoming more and more astute about the different methods of making a return on investment. Attribution is now vital, and so is the realisation that a failure of delivering nothing beyond the number of clicks to your site, means that you will struggle for online advertising from the bigger spenders.
What does the future of Malvertising look like?
From taking a look further down the line, failure to stop the growing number of malvertising means the market growth could be affected. Users are becoming wary and are potentially willing to block all ads, which causes a big issue for the digital advertising industry. In fact, eMarketer predicts that, by the end of 2017, 14.7 million people in the UK will be using ad blocking software.
Many people in the industry are implementing or finding solutions on how to mitigate this risk. Proprietary/ curated blacklists are one of these, which allows the ad operators, managers and security staff to vet new demand sources and prevent malware within their ad infrastructure.
It’s safe to say that more has to be done. The security industry is getting better at flagging new malvertising networks. Advertising networks, however, also need to take responsibility by validating ads and preventing malicious ads from the start, otherwise, malvertising threatens to spread further.