What happens when online ads attack: Malvertising?

Top Stories

»	49% Indian startups now from tier 2, 3 cities: Jitendra Singh
»	'India ranks 3rd in global startup ecosystem & number of unicorns'
»	Tripura exported over 9K tonnes of pineapples in 2 years
»	CPI inflation eases to 6.71% in July, IIP falls to 12.3%
»	Rupee depreciates 12 paise to close at 79.64 against US dollar

Nilesh Jain | 02 Jun, 2016
Google defines 'Malvertising', a term coined from the combination two words, malicious and advertising, as - the use of online advertising to spread malware. Malvertising involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages.

Delving deeper into Malvertising

This is yet another form of cyber-attack gaining prominence in the realm World Wide Web after the widely discussed cyber-attacks like Ransomware etc. Through such attacks, cyber-criminals aim at compromising web browsers and its plug-ins. Embedding attacks in legitimate websites using third party ad networks is becoming an increasingly popular type of Malvertising. However, it is to be understood that the basic problem doesn't lie with the ads. It is the vulnerable software of the PC or the laptop that gets compromised after clicking the link of a malicious ad. Even if all ads vanished from the web overnight, the core problem would still remain.

Classifying Malvertising

Malvertising can be categorized into two categories, depending upon the way an attacker chooses to attack and compromise systems. One is by attempting to trick you into downloading and running something malicious. The second is by attacking your web browser and related software like the Adobe Flash plug-in, Oracle Java plug-in, and Adobe PDF reader. These attacks use security holes in this software to force your computer to download and run malicious software.

A vulnerable system would allow an attacker to compromise and infect a system by simply visiting a web page with malicious code. The cause of vulnerability in a system could be attributed to two reasons; first could be because an attacker knows a new zero-day vulnerability of the users system. Zero-day vulnerability is basically an uncovered or unprotected vulnerability of a computer's software that hackers can exploit to adversely affect computer programs, data, additional computers or a network. The uncanny name 'Zero-day' has been derived from the fact that once an attacker has exploited the vulnerability, the software coder has zero-days i.e. no time left for any damage control. Moving on, the second reason behind a system's vulnerability could be simply because the user did not install security patches in the system to keep it protected.

Easy hacks against Malvertising

Although cyber-criminals are on a constant lookout for loopholes to hack into a system, there are certain easy hacks that could help users fortify their web browser and protect themselves against the most common attacks online.

The foremost and easiest way is to enable click-to-play Plug-ins. A web page that contains a Flash or Java object doesn't run automatically unless the user clicks on it.

Almost all malvertising, use these plug-ins, so this option should protect users from almost everything. Contrariwise, Disabling or Uninstalling Plug-ins not used frequently, including java, could reduce the attack surface, giving attackers less potentially vulnerable software to target. For instance, Java browser plug-ins has been an unending source of vulnerabilities is used by few websites. Nonetheless, if there are Plug-ins that users wish to keep installed, it is vital that they ensure it is regularly updated with the latest security patches. Google Chrome automatically updates Adobe Flash, and so does Microsoft Edge. Internet Explorer on Windows 8, 8.1, and 10 automatically updates Flash, too. If you're using Internet Explorer on Windows 7, Mozilla Firefox, Opera, or Safari, ensure Adobe Flash is set to automatically update.

It has been observed that currently, maximum malvertising attacks have been performed against Windows computers. However, that does not give users of other operating systems a reason to be reluctant about the same. Bearing in mind that websites are hacked every day, a reluctant assumption that a mere adblocker is capable of protecting a computing device from expert hackers is a false sense of security. If a hacker identifies vulnerability in a system, even a single click could prove to be treacherous.

Conclusion

Malvertising is becoming a tough nut to crack, ensued by its disturbingly pervasive nature. Curbing it would require a combined effort of all stake holders in the ecosystem that comprises web site operators, ad networks, consumers and business audiences, striving to defend personal information and important data and neutralize the next data breach well in advance.

(Mr. Nilesh Jain is the Country Manager (India and SAARC), Trend Micro. The views expressed are personal.)