Cyphort Researchers Find Malvertising Campaigns Increased 325 Percent Through Early 2015
SANTA CLARA, Calif. – Cyphort, a pioneer of Advanced Threat Defense (ATD) solutions, released a special report ‘The Rise of Malvertising,’ that looks into the practices used by cyber criminals to inject malicious advertisements into legitimate online advertising networks. Cyphort researchers found that malvertising campaigns carried out by hackers increased 325 percent in the past year.
“Cyber criminals always look for the least point of resistance when attacking networks, making malvertising campaigns an enticing way for them to commit fraud and steal proprietary information from unsuspecting corporations”
Earlier this year, Cyphort Labs discovered a compromise of the AOL Ad-Network that led to major websites such as HuffingtonPost.com, FHM.com and LAWeekly.com being infected with malware. In fact, Cyphort’s researchers began detecting malvertising campaigns on HuffingtonPost.com in early 2015.
How Does Malvertising Occur?
Malvertising campaigns start when cyber criminals launch attacks through deceit or by infecting the ad supply chain including ad networks, ad exchanges and ad servers. Often times, the hackers will put legitimate ads on trustworthy web sites to build up support. They are basically trying to trick the network by appearing to look legitimate. Once trust is built, the hacker inserts malicious code or spyware behind the ad on a limited basis, just long enough for malware to be launched. Malware is then unknowingly incorporated into web pages through a corrupt or malicious ad. Consumers are the most direct victims as their computers and contained files are infected by simply clicking on a malicious ad or in some cases, by simply going to a site they visit frequently.
“Cyber criminals always look for the least point of resistance when attacking networks, making malvertising campaigns an enticing way for them to commit fraud and steal proprietary information from unsuspecting corporations,” said Dr. Fengmin Gong, Cyphort’s co-founder and chief science officer. “By issuing this newest report, Cyphort hopes that companies and end users will walk away with a better understanding of malvertising, how it occurs, its pervasiveness and what can be done to prevent it.”
The problem of malvertising isn’t going away and cyber criminals will continue finding ways to monetize their attacks. According to the Association of National Advertisers, ad-fraud will cost global advertisers more than $6 billion in 2015. Cyphort believes this number will continue to skyrocket in the coming years. Much like advertisers, site publishers can be blamed for malvertising attacks. If a user is infected, chances are he or she will have second thoughts about returning to the site.
Combating Malvertising Attacks
Malvertising attacks will only likely increase throughout 2015 and into 2016. Cyber criminals looking to carry out malvertising attacks look for the point of least resistance such as the hosting sites. From there victims can be targeted by industries, specific interests, geo locations and so on. Today’s common network detection tools won’t get the job done when it comes to identifying and combating malvertising. It is the responsibility of the web property owners (hosting sites), ad networks and web surfers to secure proprietary information and keep the hackers at bay.
To help the web property owners (hosting sites), ad networks and web surfers combat the growing threat of malvertising campaigns, Cyphort Labs recommends the following steps to implement an effective cybersecurity defense:
1. Advertising networks should use continuous monitoring that utilize automated systems for repeated checking for malicious ads.
2. Scans should occur early and scan often, picking up changes in the complete advertising chains instead of just ad creatives.
3. Ad networks should leverage the latest security intelligence to power their monitoring systems to stay up to date with global threats.
4. Individuals should avoid “blind” surfing to reduce their exposure to drive-by infection. Keeping your computer system and security software patched in timely manner will go a long way in protecting you when you do have to venture into the “dark night.”
Dr. Gong added, “Consumers will continue to be the most direct victims of malvertising campaigns, as their computers can be infected when they simply click unsuspectingly on a malicious ad or, in some cases, by simply going to a site they visit frequently. Hopefully consumers will keep their devices updated with the latest security patches available to download.”
To read the full Cyphort Malvertising Malware Report, visit: http://go.cyphort.com/Malvertising-Report-15-Page.html
Cyphort is an innovative provider of Advanced Threat Protection solutions that deliver a complete defense against current and emerging Advanced Persistent Threats and targeted attacks. The Cyphort Platform continuously monitors web, email and internal network traffic for malicious behavior and threat movement across the organization, correlates threats to incidents, and provides contextual, risk-based prioritization for immediate containment of any threat activity. Cyphort’s software-based, distributed architecture offers a cost effective, high performance approach to detecting and protecting the entire organization against sophisticated attacks. Founded by experts in advanced threats, Cyphort is a privately held company headquartered in Santa Clara, California. For more information, please visit: www.cyphort.com