We encounter advertising everywhere we go: physically on buses and buildings, and especially online on various websites.
But what we don't think about is that these advertisements can be exploited by cybercriminals using malicious code. This is called malvertising, and we'll go in depth with the phenomenon here.
A malicious advertisement
The word malvertising is a combination of malicious and advertising. Malvertising is the term for criminally controlled advertisements on websites. The advertisements appear in our internet browsers on websites that look harmless, but they hide malware and malicious code that can harm our devices.
The dangerous thing about malvertising, besides of course containing malware, is that it doesn't require much user interaction - in some cases, the hacker only needs the victim to have the browser open.
Malvertising can hide on any website, even those you visit frequently. It works by planting a small piece of malicious code in an advertisement. This code sends your computer's internet browser to the cybercriminal's "command center", a server from which they can observe your computer. Their server scans your computer for the software you have installed, looking for the software they want to target with malware. Often it's software that hasn't been updated or is vulnerable due to other flaws in the system. Because such systems are more vulnerable, they are easier targets for the hacker.
The essence of malvertising
Malvertising uses the same features and coding as regular, non-malicious advertisements do. Cybercriminals embed infected text or graphics into legitimate advertisements - that's why you can't tell if an ad is harmless or not.
The infected ads can be, among other things:
- Banner ads
- Pop-up messages
- Paid advertisements
Pop-ups can be messages telling you that you can save a certain percentage by using a code; they can be "warnings" about an expired antivirus program; they can be fake browser updates. It's a long list, but most importantly, it's a message that often requires action.
Cybercriminals use social engineering in these cases, and typically time pressure is their ideal method. Some examples include:
- Your antivirus program is about to expire. You are encouraged to press "renew" or similar, to avoid the risk of being without an antivirus program.
- A limited-time offer on the website. When we are told that an offer is valid for a limited period of time, we often jump at the offer - this is exploited by cybercriminals.
- A warning that malware has been found on your computer. This will cause most people to panic and click on the pop-up message that tells us how to get rid of the malware again.
Another method, one that cannot be tracked or seen, is a so-called drive-by download. Here the victim does not receive any pop-ups and is not prompted to click on links. All they have to do is go to the website, and this initiates the download of malware.
This exploits any small vulnerability in your browser and software, which allows hackers to get into your systems and access your personal data and software.
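As an added example (not part of the original article), the following Python code shows how a defender could look for the drive-by pattern described above in web proxy logs: an executable download whose referer chain passes through an ad-serving host. The log format, the host names and the AD_HOSTS list are constructed assumptions.

```python
import collections

# Constructed sample proxy log: time client host status content_type referer_host
SAMPLE_LOG = """\
10:00:01 10.0.0.5 news.example 200 text/html -
10:00:02 10.0.0.5 ads.adnet.example 200 text/javascript news.example
10:00:03 10.0.0.5 cdn.landing.example 302 text/html ads.adnet.example
10:00:04 10.0.0.5 files.landing.example 200 application/x-msdownload cdn.landing.example
10:00:09 10.0.0.7 news.example 200 text/html -
10:00:10 10.0.0.7 ads.adnet.example 200 image/png news.example
10:01:00 10.0.0.8 vendor.example 200 application/x-msdownload -
"""

# Assumption: the analyst maintains a list of ad-serving hosts seen in the environment.
AD_HOSTS = {"ads.adnet.example"}
EXECUTABLE_TYPES = {"application/x-msdownload",
                    "application/vnd.microsoft.portable-executable"}
FIELDS = ("time", "client", "host", "status", "ctype", "referer")

def parse(log_text):
    """Yield one dict per well-formed log line; malformed lines are skipped."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == len(FIELDS):
            yield dict(zip(FIELDS, parts))

def find_ad_originated_downloads(log_text, ad_hosts=AD_HOSTS):
    """Return executable downloads whose referer chain includes an ad host."""
    referer_of = collections.defaultdict(dict)  # client -> {host: first referer seen}
    findings = []
    for rec in parse(log_text):
        seen_hosts = referer_of[rec["client"]]
        seen_hosts.setdefault(rec["host"], rec["referer"])
        if rec["ctype"] not in EXECUTABLE_TYPES:
            continue
        # Walk the referer chain backwards from the download to the first page.
        chain, host, visited = [rec["host"]], rec["referer"], {rec["host"]}
        while host != "-" and host not in visited:  # 'visited' guards against loops
            chain.append(host)
            visited.add(host)
            host = seen_hosts.get(host, "-")
        chain.reverse()
        if any(h in ad_hosts for h in chain):
            findings.append({"client": rec["client"], "time": rec["time"],
                             "chain": chain})
    return findings

if __name__ == "__main__":
    for finding in find_ad_originated_downloads(SAMPLE_LOG):
        print(finding["time"], finding["client"], " -> ".join(finding["chain"]))
```

The direct download from vendor.example is not reported because no ad host appears in its chain; only the client whose download traces back through the ad is flagged.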
How much damage does malvertising do?
As briefly mentioned, cybercriminals can ultimately access your data if you are unfortunate enough to land on a malvertising website. Malvertising is more or less inevitable as soon as you are on a malicious website.
Cybercriminals are after personal data that they can sell on the dark web, bank details and other sensitive documents and information. This often results in a ransomware attack, where the hacker will demand a ransom before you can regain access to your files and documents. Therefore, it's a good idea to make backups of your devices so that if you do fall victim to a ransomware attack, you have a backup of your files and documents and don't have to pay the ransom.
In addition, cybercriminals can also encrypt or delete your data so you can't see or access it. They can also perform a man-in-the-middle attack, where they sit as a "middleman" between you and your online activity without you knowing that a malicious actor is watching. Similarly, hackers can also use keylogging, where they follow what you type on your keyboard. Here they can quickly figure out codes and logins for different websites.
If we turn back time
Malvertising has evolved as our everyday lives have become intertwined with technology and the internet. The first case of malvertising was discovered in late 2007, when cybercriminals exploited a vulnerability in Adobe Flash and ended up compromising advertisements on the then-popular communication platform MySpace.
Subsequently, several large companies have been hit by malvertising. Some examples are:
- Spotify
- Yahoo.com
- The New York Times
- The Los Angeles Times
There are several different forms of malvertising that have targeted these companies, and the types of malvertising have also evolved over time. Now, cybercriminals are also using cryptocurrencies to lure consumers into their traps - new trends in the cyber world mean new hacking methods for cybercriminals.
How do you protect yourself from malvertising?
You might ask yourself how best to protect yourself from malvertising - if you can protect yourself from it at all?
Well, you can if you first and foremost pay attention to maintaining good, strong cybersecurity. You need to keep your systems, devices and software up to date so that all the latest patches can be applied.
In addition, consider whether there is any software or programs you don't use; these can be removed and uninstalled from your computer. By removing unused programs and software, you reduce the attack surface that IT criminals can exploit.
You can also follow one of the tips for avoiding the phishing trap, which is not to click on anything you don't recognize. Although cybercriminals can hide malvertising in browsers, it will often be advertisements on websites rather than entire websites that are compromised. Therefore, don't click on links and avoid clicking on ads on websites.
Finally, you can also use an ad blocker that removes ads from websites. In addition, ad blockers can also filter the worst malvertisements from websites, minimizing the risk of clicking on a malicious ad.
Caroline Preisler
Caroline is a copywriter here at Moxso beside her education. She is doing her Master's in English and specializes in translation and the psychology of language. Both fields deal with communication between people and how to create a common understanding - these elements are incorporated into the copywriting work she does here at Moxso.