Since the dawn of the Internet age, online advertising has been a staple of marketing plans. Advertisers spend more than $35 million per year in the U.S. alone, and while ad spending on other media, including television and print, is either flat or declining, online advertising budgets are actually increasing.
The problem, though, is that online advertisers have a new foe to contend with, one that could put their entire campaigns in jeopardy and decrease the likelihood that their ads will be successful. Malvertising, which is the practice of hiding malware within legitimate online ads, is a growing problem. In just the last year alone, scammers who loaded malicious code into legitimate apps hit a number of major ad networks, and billions of ad impressions contained some type of malware. While not all of the code was designed to steal data, experts suspect that it’s only a matter of time before malvertising becomes a primary source of cybercrime.
How Malvertising Works
The process of buying online ads is vastly different from buying ads in traditional media. While it’s certainly possible for companies to purchase ad space on a specific site, and it does happen, the vast majority of online advertising is placed via ad networks. Advertisers can specify their market and retargeting parameters, and the network will place the ads for them as appropriate. In addition, many websites work with ad networks, meaning that that site itself has little control over which ads appear. For example, bloggers using sites like Blogger or WordPress can opt to join the ad network, which will place ads based on keywords and other data contained on the site.
While this model works, for the most part, it does create some issues with transparency, in the sense that publishers don’t always know who is advertising on their site at any given moment, and advertisers don’t always know where the ad impressions are coming from. And since ad impressions and clicks are big business — the more clicks that an ad gets, the more money the site owner earns — scammers have found ways to turn unsuspecting users into moneymaking machines.
How? Well, the typical malvertisement contains malware that essentially turns the victim’s computer into a botnet that scours the Internet for specific ads or sites, and creates false clicks or impressions to drive revenue. In most cases, the malware isn’t intended to steal user information, but to commit advertising fraud. Except that most criminals are greedy, and few stop there. There have been cases in owners of infected machines have been tricked into downloading additional software that’s designed to steal information.
How the Hackers Attack
In general, there are three ways that hackers place malvertisements, which have been found even on legitimate site:
- They add the malware right into the advertisement and send it to the ad network. This is rare, since most ad networks scan for malware before accepting an ad.
- The ad points to a site that contains malware. However, a good antivirus protection program will block access to the site or the malware download.
Most of the major ad networks scan for this type of malware, but sometimes the problem occurs later on — a user may have to click through three or four sites before hitting the infected page or ad. That’s why malvertising is so difficult to detect and stop. It’s not always obvious.
The best way to protect yourself against malvertising is to install virus protection software and keep it updated. Almost every website is vulnerable to the problem, so you can never rule out the possibility of even a legitimate site containing an infected ad; therefore, antivirus protection is your best option. It’s also important to stay on top of updates and patches to your operating system and applications. Malware often exploits security loopholes, so keeping everything up-to-date can effectively block harmful software.
The malvertising problem has grown so much that the Interactive Advertising Board, the Online Trust Alliance, and even the Federal Trade Commission have begun looking for solutions to prevent infected advertisements from harming both the advertising industry and consumers. In the meantime, use caution and the best security tools you can find, and help prevent malvertising from spreading further.