SOCRadar® Cyber Intelligence Inc. | What is Malvertising & How to Stop Ad Malware?


Sep 02, 2022

What is Malvertising & How to Stop Ad Malware?

What is a Malvertising Attack? 

Malvertising, also known as malicious advertising, refers to criminally controlled advertisements within Internet-connected programs, typically web browsers (there are exceptions), that intentionally harm individuals and businesses by distributing malware, potentially unwanted programs (PUPs), and other scams.

An example of malvertising.

Malvertising utilizes what seems to be genuine web advertising to deliver malware and other risks with little user participation. 

Malvertising may appear in any advertisement on any website, even those you see during regular Internet use. The most notorious malvertising attacks took place in 2015 and 2016. Hackers infected famous websites such as Spotify, the BBC, and The New York Times with malware. The malware infected thousands of individuals with code that stole personal data and created malicious websites, among other things.

How Does Malvertising Work? 

A “malvertiser” may use multiple tactics, but the final effect is nearly always to convince the user to download malware or to divert them to a malicious location. Commonly, malvertisers submit their harmful advertisements to third-party internet ad suppliers. If the vendor authorizes the ad and the malvertiser wins the bid, the ostensibly harmless ad will be shown on all sites with which the vendor collaborates.

Malvertising is something that online retailers are aware of and actively attempting to avoid, although it may be challenging to detect. For any online ad service, it is crucial to always engage with trustworthy providers.

Threat actors are always searching for methods to take control of your computer and digital life. Many individuals are used to facing dangers from all sides at this point. Malvertising is unusual in that it poses risks to both users and owners. 

How Do Malvertisements Affect Web Users?

Malvertising may execute the following attacks on users who view it without clicking it: 

  • Installing malware or adware on the computer of a person seeing an advertisement. This kind of attack is often enabled by browser vulnerabilities.
  • Forcibly redirecting the browser to a malicious website.
  • Displaying unwanted advertising, harmful information, or pop-ups beyond the advertisements legitimately shown by the ad network. This is achieved by running JavaScript.

What is malvertising?

When a person clicks on a malicious ad, malvertising may cause the following:

  • Install malware or adware on the user’s PC by executing code.
  • Redirect the visitor to a malicious website instead of the site indicated by the ad’s content.
  • Carry out a phishing attack by redirecting the user to a malicious website that closely resembles a legitimate site and is managed by the attacker.

How do Malvertisements Affect Publishers?

The risk to publishers includes a tarnished reputation, a decrease in traffic and earnings, and legal culpability for harm caused to website visitors.

While publishers are aware of the issue, it is impossible for them to test for or prohibit rogue advertisements. Ad networks distribute advertisements from millions of advertisers and display advertisements dynamically based on real-time bidding, making it virtually impossible to test all advertisements that are actually shown to consumers.

It is difficult to assign a monetary value to these losses. Be aware, however, that many individuals continue to be concerned about how malvertising might affect companies and people.

Common Types of Malicious Advertising Campaigns

Once internet criminals discover the kind of computer you use, the software you use, and your location, they have all the information they need to design targeted campaigns. Several types of campaigns include:

  • Various get-rich-quick scams and surveys. Screen hijacking is an aggressive tactic used by unethical advertising networks to disturb users’ surfing. They may be lotto offers, work-from-home scams, fake surveys, or other freebies that are too good to be true. In the past, this sort of poll has even targeted iPhone users.
  • Tech support scams. Tech support fraudsters have traditionally targeted Windows PC users, but they also target Mac users by abusing their false sense of security using various social engineering techniques. In each case, phony websites misrepresent themselves as Apple or Microsoft and use JavaScript to prevent users from leaving the page. This causes frustrated users to call the toll-free number provided by the malicious advertisement. Scammers, often from India, scare their victims into buying useless “tech help” for hundreds of dollars.
  • Fake updates for Flash Player (and other applications). This is one of the most prevalent methods for infecting Mac users with adware and malware. These websites, which masquerade as updates for the Flash Player or video codecs, are well-designed and persuasive. In some instances, the installer will download itself onto your machine. These advertisements are especially effective on pornographic or video streaming websites since they may entice people to download the program to see the desired material. You should avoid such programs. However, if you do want to download one, you should only do so from the product’s official repository, since the imitations on infected websites are loaded with junk that may slow down your Mac or, even worse, install spyware and other malware on it.
  • Scareware. Like the tech support scam, scareware claims that your Mac or Windows computer is seriously damaged or infected before urging you to download an application to repair it. Scareware scams are often the product of avaricious malvertising affiliates attempting to generate as many leads as possible to earn substantial profits from different PUPs.

How to Protect Yourself Against Malvertising?

Consider the conflict to be happening on two fronts. Website owners are responsible for removing inappropriate advertisements, but customers must also take action. If these attacks become ineffective, hackers may cease using them.

As a “user of a website,” you can:

  • Update. Always update your software to protect against the most recent vulnerabilities.
  • Download antivirus and ad-blocking software to prevent cyber criminals from launching assaults.
  • Set up. Examine your browser’s settings for security flaws. Some recommend disabling video autoplay, for instance.

Malware symptoms might include:

  • Dismal performance. Your computer may run slowly or cease operating entirely.
  • Unusual behavior. Your previous searches now go to entirely different sites. There may be applications on your computer of which you are unaware.
  • Complaints. Your contacts may tell you that you are sending them strange messages.

Whenever you see such signs, you should take action. Utilize your antivirus program to eliminate any suspicious files. If you’re using a network computer, immediately notify your IT professional.

You, as a “website owner,” can:

  • Evaluate. Should you put advertisements on your website? Are the risks you incur proportionate to the possible profits you may earn?
  • Supervise. Ensure you are aware of every advertisement that appears on your website. Examine them individually. Some actors swap approved advertisements for malicious ones when they believe you are not watching.
  • Dictate. Define which advertisements you will and will not allow. Nothing on your site may include scripts, frames, or other such technologies.
  • Check. Use Google tools such as this to evaluate your website’s security.
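
The “Supervise” and “Dictate” items can be partly automated for creatives whose markup you host or can fetch yourself. The following is an added example, not part of the original article: it audits creative HTML against an assumed no-scripts, no-frames policy and flags a creative that no longer matches the version you approved. The slot name, URLs, sample creatives, and function names are constructed for illustration.

```python
import hashlib
from html.parser import HTMLParser

# Assumed policy from the "Dictate" item: creatives carry no scripts or frames.
BANNED_TAGS = {"script", "iframe", "frame", "object", "embed"}
URL_ATTRS = {"href", "src", "action", "formaction"}

class CreativeAudit(HTMLParser):
    """Collects policy violations found in one ad creative's HTML."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag in BANNED_TAGS:
            self.findings.append(f"banned tag <{tag}>")
        for name, value in attrs:
            # Browsers tolerate leading spaces and embedded tabs/newlines in a
            # URL scheme, so strip all whitespace before comparing.
            value = "".join((value or "").split()).lower()
            if name.startswith("on"):  # inline handlers: onload, onclick, ...
                self.findings.append(f"inline handler {name} on <{tag}>")
            elif name in URL_ATTRS and value.startswith("javascript:"):
                self.findings.append(f"javascript: URL in {name} on <{tag}>")
            elif tag == "meta" and name == "http-equiv" and value == "refresh":
                self.findings.append("meta refresh redirect")

def audit(html):
    parser = CreativeAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

def fingerprint(html):
    return hashlib.sha256(html.encode("utf-8")).hexdigest()

def check_served(approved, slot, served_html):
    """Audit what a slot serves now and compare it with the approved hash."""
    problems = audit(served_html)
    if approved.get(slot) != fingerprint(served_html):
        problems.append("creative changed since approval")
    return problems

# Constructed sample creatives (not real ads).
APPROVED_HTML = '<a href="https://shop.example/sale"><img src="banner.png" alt="Sale"></a>'
SWAPPED_HTML = ('<a href="https://shop.example/sale"><img src="banner.png" '
                'onload="redirect()"></a><iframe src="https://ads.example/x"></iframe>')
APPROVED = {"top-banner": fingerprint(APPROVED_HTML)}

if __name__ == "__main__":
    for label, html in (("approved", APPROVED_HTML), ("swapped", SWAPPED_HTML)):
        print(label, check_served(APPROVED, "top-banner", html))
```

A check like this covers only markup you can retrieve; advertisements selected dynamically by a third-party network through real-time bidding still depend on that network's own controls.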

It is your responsibility as a website administrator to provide a secure environment for all of your visitors. You must take action if you believe you are giving them malicious advertising.