Malware sneaks into online ads: researchers

Aug 05, 2014

Hackers are increasingly slipping malicious software into online advertising, creating risks for the Internet economic model, security researchers said Tuesday.

A report presented at the Black Hat security conference said "malvertising" has become increasingly prevalent and difficult for users to detect.

"Malvertising victims are infected with malware in the course of their normal Internet browsing and therefore have no idea where or how they were infected," said the report presented by Cisco .

"Tracing the source is next to impossible, because the ad that delivered the malware has long since disappeared."

The Cisco researchers say the problem is especially thorny because almost any website can be infected with a "drive-by" ad and may not be detected either by the website operator or ad network.

"A malvertiser who wants to target a specific population at a certain time—for example, soccer fans in Germany watching a World Cup match—can turn to a legitimate ad exchange to meet their objective," the report said.

"Just like legitimate advertisers, they contact companies that are gatekeepers for the ad exchanges. They will pay up front for the , perhaps $2,000 or more per ad run, and instruct the companies to tell the ad exchanges to serve the ads as quickly as possible, leaving little or no time for the ad content to be inspected."

Cisco said malvertising appeared to be used to distribute viruses which lock up a user's computer until he or she agrees to pay a fee—a system known as "ransomware."

The report said malvertising is a potentially huge problem because it could disrupt the massive market for online advertising.

"Internet advertising, annoying as it can be for users, is important because it allows people to freely consume the vast majority of the Web," the report said.

"If that model were to change or people were to stop trusting Internet advertising altogether, the repercussions for the Internet would be monumental."

The warning came in Cisco's mid-year security report presented at the Las Vegas conference. The document also pointed to numerous vulnerabilities in corporate networks that may be exploited, including outdated software, bad code and abandoned digital properties.

Explore further: US Senate says firms must protect against malicious ads

add to favorites email to friend print save as pdf

Related Stories

US Senate says firms must protect against malicious ads

May 15, 2014

The U.S. Senate warned Google, Yahoo and other leading technology companies Thursday they need to better protect consumers from hackers exploiting their lucrative online advertising networks or risk new legislation that would ...

US Internet ad revenue surpasses broadcast

Apr 10, 2014

For the first time, U.S. Internet advertising revenue has surpassed that of broadcast television thanks to sharp growth in mobile and digital video ads.

US Internet ad revenue grows 15 percent in 2012

Apr 16, 2013

U.S. Internet advertising revenue grew 15 percent to a record $36.6 billion in 2012, with mobile ad revenue growing faster than other types, according to a new report Tuesday.

Recommended for you

Man pleads guilty in New York cybercrime case

16 hours ago

A California man has pleaded guilty in New York City for his role marketing malware that federal authorities say infected more than a half-million computers worldwide.

How to keep the world's eyes out of your webcam

Nov 21, 2014

There are concerns that thousands of private webcams around the world could be streaming live images to anybody who wishes to view them – without their owner knowing – thanks to a Russian website provi ...

Britain urges Russia to shut down webcam spying site

Nov 20, 2014

A Russian website offering thousands of live feeds peering into bedrooms and offices around the world by accessing poorly secured webcams should be taken down immediately, British officials said on Thursday.

NSA Director: China can damage US power grid

Nov 20, 2014

China and "one or two" other countries are capable of mounting cyberattacks to shut down the electric grid in parts of the United States. That's according to Admiral Michael Rogers, the director of the National Security Agency ...

Some in NSA warned of a backlash

Nov 20, 2014

Current and former intelligence officials say dissenters within the National Security Agency warned in 2009 that secretly collecting American phone records wasn't providing enough intelligence to justify ...

Russia hacking site spying webcams worldwide: Britain

Nov 20, 2014

Britain's privacy watchdog on Thursday called on Russia to take down a site showing hacked live feeds from thousands of homes and businesses around the world and warned it was planning "regulatory action".

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.