• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Ads on websites are dangerous to more than your sanity

Ads on websites are dangerous to more than your sanity

  • Posted on:February 26, 2016
  • Posted in:Industry News
  • Posted by:
    Noah Gamer
0
Hackers have found a new way to infect your computer: advertising.

When surfing the Web, there are few instances more annoying than unprovoked ads. The sad reality of the Internet – and really the world at large – is that nothing's free and as such, advertising is what's keeping a vast majority of the online experience away from paywalls. That being said, ads posted on some popular websites are doing more than annoying people. 

Many prominent sites are becoming unwilling distributors of malware through a system called malvertising. This is where a seemingly innocent website is used as a base for pop-up ads that install malware on the viewer's computer. This type of campaign is ruining the trust reputable websites have built up over the years, and needs more attention as many users don't even know malvertising exists. 

Forbes article most recent example

Trend Micro has most recently seen a malvertising campaign in the "30 Under 30" article posted on Forbes's website. This case was extremely interesting, not just due to the malicious ads but because of how Forbes treats advertising on it's site.

Forbes makes its online revenue thanks to advertising. However, many people have turned to software that keeps them from seeing these ads. These ad blockers are great for having a streamlined online experience, but they cut into the profits of the companies creating the content users view. As such, Forbes decided that ad blockers would no longer be allowed while on its website. Users attempting to view an article must turn off their ad blocker before proceeding to the content.

This was a great idea in terms of making up for lost revenue, but it had unexpected consequences. Cyber criminals decided this was the perfect time to strike and procured ad space for their malware. Unbeknownst to the company, Forbes began to distribute malvertising through its article. 

While it's important to note that Forbes had no knowledge that it was spreading malware to its readers, the point here is that malvertising is making the Internet a scary place. Once-reputable sites can now be unknown accomplices to cyber crime and as such, users need to take even more care when operating online. 

Not the first time this kind of campaign has been seen

Although this particular case is interesting because Forbes specifically asked its readers to turn off ad blockers – thereby spreading the malware even further – this certainly isn't the first time this has happened, nor was it the first time Trend Micro ran into malvertising. Back in September 2015 Trend Micro became aware of a malvertising campaign that was affecting users in Japan. 

Unlike the Forbes attack, however, this spreading of malware was conducted on multiple sites. The campaign was launched from popular Japanese sites, such as a news sites and blogs, therefore reinforcing the belief that this attack was targeted at the Japanese specifically. What's more, this campaign was bolstered by the Angler exploit kit, something that Trend Micro has run into multiple times before. 

When it was all said and done, around 500,000 people had been exposed to this particular malvertising campaign. These numbers show that malvertising is a big concern, and yet many people don't know about it. The fact that this malware can be hidden on even the most reputable of sites is a frightening concept and calls into question the safety of the entire world's Internet population. 

Malvertising is different than any other malware campaign

While the end goal is the same as other malware campaigns – steal as much money and information by infecting as many computers as possible – malvertising is an incredibly unique form of cyber crime. Aside from the fact that it uses reputable sites to distribute the infection, Wired contributor Rahul Kashyap points out that malvertising also requires hackers to put up some front money before any computer can be affected. 

In order to stay undetected, cyber criminals have to make it look like these ads are legitimate. That means they need to pay the original site for ad space, just like any other advertiser. In fact, Trend Micro has found that hackers often steal legitimate ad banners to make their operation look less conspicuous. 

This is incredibly different from other hacking campaigns, as it requires a good amount of money before the cyber crime even begins. While this is an interesting study into the mind of a hacker, the main point here is that cyber criminals know that malvertising campaigns work. The thought of getting caught is scary enough, but adding on the fact that they have to put up their own money before the stolen data rolls in shows that malvertising is incredibly profitable. What hacker would go through with such a campaign if there wasn't a big payday in it? This clearly shows that hackers are confident in malvertising's ability to infect machines and the average online user should be aware of this. 

Users need protection

Although malware being distributed from just about anywhere on the Internet is a frightening concept, users need not live in constant fear of cyber attack. There are a few things the average person can do in order to protect themselves and their data.

First, users should make sure their Web browser and plugins are completely updated. System updates do more than annoy people, they actually fix security vulnerabilities that hackers have been exploiting. Not updating leaves the users flapping in the wind, unprepared for cyber criminals to infect their machine. 

Second, people should try to avoid pop-up ads whenever and however they can. This should include installing an ad blocker to help keep malicious ads at bay. Advertising may be what is keeping many companies afloat, but the reality of the situation is that if these sites can't keep malvertising out, they simply cannot be trusted to receive ad revenue from viewers. 

Finally, and most importantly, people should absolutely look to invest in cyber security software. Going online without cyber security software is like driving a car without a seatbelt, and users need to understand the risks of going online without protection. 

Related posts:

  1. Why does Titanium Block Certain Websites?
  2. How to deal with fake websites
  3. Major US websites slammed by malvertising
  4. A cyber attack doesn’t need to be sophisticated to be dangerous

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Digital Transformation is Growing but May Be Insecure for Many
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.