Malvertising has been around for years, but as we continue to discuss, it’s becoming more sophisticated and harder to detect. Malvertising is when an attacker seeds online ad networks so that when ads appear on websites, they can potentially deliver malware to the user’s computer. All the user has to do is view an ad, not even click on it, and their computer could be infected. The scarier part is that these types of malware are extremely hard to track down and stop.
The New York Times, BBC, The Hill, Newsweek, AOL, MSN, and more are all examples of large companies that have had their ad networks hijacked. Typically, hackers will acquire expired domains of trusted ad companies or temporarily hijack an existing one, to get access to these higher-level ad networks. By hijacking these already vetted sources, they are then allowed access to the ad networks of these larger companies (The New York Times, BBC, etc). Attackers even go so far as to set up fake social media profiles, fake domains, etc. so that they appear legitimate to online ad companies.
These ads carry the Angler exploit kit, which is a type of software that probes the user’s computer for vulnerabilities to which it can deliver malware. Since the malvertising was delivered to these high-trafficked sites, it affects a very large amount of people in a very short amount of time. (Think hundreds of thousands in just 24 hours)
Attackers are becoming increasingly more aware of who is tracking and watching them. They profile, or fingerprint, machines and can look for security researchers. The attackers can then designate certain IP addresses and VPN networks to not receive the malicious ads. That way, the security researchers cannot replicate the ad, and figure out how to stop or prevent them. The attackers are going to look for the people who are more vulnerable and likely to click on the malvertising.
Again, having the right security measures in place, having back-ups, and continually protecting you and your company will keep you safe from malvertising and other types of malware. If you are proactive, you can save yourself the headache of dealing with all these new and sophisticated types of malware. Or at least, you can recover quickly if you are hit with one.
Call our business managed IT services department directly at (404) 777-0147 or simply fill out this form and we will get in touch with you to set up a getting-to-know-you introductory phone call.
Fill in our quick form
We'll schedule an introductory phone call
We'll take the time to listen and plan the next steps
11285 Elkins Rd Suite E1, Roswell, GA 30076
Hours: Monday - Friday
8:00 am - 5:00 pm
Hours: Monday - Friday
8:00 am - 5:00 pm
If you want our team at Centerpoint IT to help you with all or any part of your business IT, cybersecurity, or telephone services, just book a call.
We are turning 15 and want to celebrate this milestone with you because without you this would not have been possible. Throughout this year look for special promotions on services and tools aimed at Making IT Simple for You so you can focus on your business.
We are turning 15 and want to celebrate this milestone with you because without you this would not have been possible. Throughout this year look for special promotions on services and tools aimed at Making IT Simple for You so you can focus on your business.
