Malvertisement

From Wikipedia, the free encyclopedia
Jump to: navigation, search

A malvertisement is an infected online ad. The spread of malicious ads on the top commercial websites has recently taken a turn for the worse.Online Advertising provides malware a transit to disperse steadily. Malvertisement is a buzzword for Malware advertisement.

Platform[edit]

Advertisers use Web 2.0 to allocate third party content across the web.Web widget, Flash, Sliverlight; Pop-ups; Windows Media player files and JavaScript banners are used in order to put up and probate content from ad servers into user websites.The insignificant flaws in the process can be taken advantage of by attackers and redirect browsers to malicious websites.[1] An example of a flaw would be deficiency of security and privacy standards. Attackers also meddle with the sponsored links to spread malware successively into the system within Drive-by download infection.Internet Explorer has been a popular target.[2] Content delivery network is a third party ad server and often targeted by malware. Malicious codes are instilled, disguised in malvertisements and are extensively dispensed. Malvertisements spread in a hidden and trusted manner by corrupting the server that is widespread and credible.[3]

Social Networking sites are also victims of malvertisments,malware targets the weakest link of the chain of users and as long as one is exploited it can harm the entire network. Attacker injects the malicious link in a users message board , the link is to a third party website with malicious advertisements.[4] Topics such as Political campaigns and National affairs are used as trapping mechanisms for initiating infections on Social networks.

Pop-up ad is another platform for Malvertisements, hidden behind pop ups is malware, when the viewer clicks to exit the pop-up, the malware gets liberated.[5]

Cost of Advertising[edit]

Due to malvertisements the expenses of advertising is rising and the customer satisfaction is deteriorating.Consumers block the advertisements, when they feel that they have been negatively impacted therefore descending publisher's revenue.[6]

Targeted Websites[edit]

The nbc.com homepage was infected with citadel/Zeus installation malware.The U.S Veterans of Foreign Wars' was corrupted with malware.[7]

Expert's opinion[edit]

Third party networks publish large amount of ads, making it difficult to track the malvertisements. This makes it hard for companies to protect themselves completely from the attacks. Experts suggest to install a communication channel between installed widget and parent website to track traffic redirection and should be updated with latest software on a regular basis.[8]

"As the occurrence of malvertisements continues to rise, publishers need to ensure they are working with reputable advertising networks that are looking out for their best interests," says Elias Manousos, CEO of RiskIQ.[9]

Recent increase[edit]

Malvertisements have had a ten-fold increase between 2010 and 2011. There were over fourteen thousand occurrences of malvertisements in May 2011, each potentially infecting thousands or even millions of website visitors.

Stakeholders[edit]

The big ad networks are Yahoo, Microsoft, Adobe and Google. The big ad networks rotate ads on web publishers sites by using automation to pull ads from smaller networks and agencies.[10]

See also[edit]

  1. ^ Sood, Aditya K; Enbody, Richard J. "Malvertising – exploiting web advertising". Computer Fraud & Security 2011 (4): 11–16. doi:10.1016/S1361-3723(11)70041-0. 
  2. ^ Sood, Aditya K; Enbody, Richard J. "Malvertising – exploiting web advertising". Computer Fraud & Security 2011 (4): 11–16. doi:10.1016/S1361-3723(11)70041-0. 
  3. ^ Sood, Aditya K; Enbody, Richard J. "Malvertising – exploiting web advertising". Computer Fraud & Security 2011 (4): 11–16. doi:10.1016/S1361-3723(11)70041-0. 
  4. ^ Enbody, R.J (2011). "Online social networks - launch pads for Malware.". database and network journal 41.6: 26. Retrieved 10 August 2014. 
  5. ^ Christensson, Per. "[Pop-up] definition". techterms.com. Retrieved 10 August 2014. 
  6. ^ "AdMedia takes extra precautions to prevent consumers, brands and publishers from malvertisements". Business and finance week: 118. 2012. 
  7. ^ Siciliano, Robert (08/04/14). "Business Identity Theft; Big Brand, Big Problems". Retrieved 10 August 2014. 
  8. ^ Sood, Aditya K; Enbody, Richard J. "Malvertising – exploiting web advertising". Computer Fraud & Security 2011 (4): 11–16. doi:10.1016/S1361-3723(11)70041-0. 
  9. ^ "AdMedia takes extra precautions to prevent consumers, brands and publishers from malvertisements". Business and finance week: 118. 2012. 
  10. ^ http://www.usatoday.com/tech/news/story/2011-10-31/corrupted-ads/51048084/1