Technically Speaking

The Official Bigstep Blog

 

Malvertizing: What It Is and What You Need to Know to Keep Your Network Secure

What happens when you wrap a zero-day attack into a drive-by download attack and load it into a Flash-based advertisement? The result is a malvertizement, and instances of these threats have risen an astounding 260 percent year over year from the first quarter of 2014 to the first quarter of 2015. What, exactly, is malvertizing, and what can you do to keep the computers on your network safe? Here's the scoop.

What is Malvertizing?

Malvertizements look like regular ads, but contain malware that infects the visitor’s system without their knowledge. These attacks are hard to detect, and are often active for months without being shut down, even on reputable websites.

Malvertizing is malware embedded in an advertisement that is placed on a website. Unfortunately, it is not necessary to click on the ad for the malware to infect the visitor’s computer. Simply downloading the page is enough to infect the victim, and a sadly impressive 40 percent of all visitors to an infected website are victimized. This makes it extremely profitable for the hackers launching the malvertizements, meaning they are both willing and amply funded to launch more attacks.

Malvertizements are usually delivered via Adobe Flash, which is known to have numerous security vulnerabilities. A number of websites and reputable companies are migrating to HTML5 to avoid the security issues inherent in Flash, but the process is slow and users can’t depend on a future migration from Flash to protect them from today’s attacks.

How Does Malvertizing Infect Computers?

The malware behind the malvertizements can do many of the same things any virus or malware can, such as take over the victim’s computer and hold it hostage or use it to drive fake traffic to some website in order to siphon advertisement revenues. Yahoo! has recently been victimized, proving that malvertizements are not relegated to the smaller, less reputable websites. One unique point about malvertizements is that these types of attacks target both the ad publisher and the advertiser.

Like other forms of malware, malvertizements must be designed to target a specific operating system. For example, the malvertizement that targeted Yahoo! was developed for desktop computers with Windows operating systems, meaning a desktop Mac user or mobile Android user would not be infected by that malware. Mobile versions of malvertizements sometimes look different than desktop versions. While malvertizements targeting desktop users take over the computer and hold it hostage or use it to launch botnet attacks, mobile malvertizements might download an app that the user didn’t want or display a popup that won’t go away, such as scams for tech support.

How Can You Prevent Malvertizing From Infecting Your Network and Systems?

Some hackers turn their malvertizements on and off throughout the day so as to avoid detection by the website. Many of these malicious advertisers buy legitimate ads until they earn the trust of their ad agencies and publishers, and then slip in a Flash-based ad embedded with malicious code.

In some environments, IT or the users can simply disable Adobe Flash, as most of the malvertizements depend on Flash being enabled to work. To find the steps for disabling Flash in your browser, simply do an Internet search for “how to disable Flash in [name of browser].”
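Before disabling or removing Flash across a network, IT needs to know which machines still carry the plugin. The Python script below is an added example, not part of the original post: it walks the directories it is given and reports files or bundles whose names match commonly seen Flash Player plugin file names. The pattern list and the directories to scan are assumptions to adjust for your environment, and a match is a candidate to review, not proof of an active plugin.

```python
import fnmatch
import os
import sys

# Assumed file-name patterns for Adobe Flash Player plugin builds,
# written in lower case because names are lower-cased before matching.
FLASH_PATTERNS = {
    "NPAPI (Windows)": ["npswf*.dll"],
    "ActiveX (Windows)": ["flash*.ocx"],
    "PPAPI (Windows)": ["pepflashplayer*.dll"],
    "NPAPI (Linux)": ["libflashplayer.so"],
    "PPAPI (Linux)": ["libpepflashplayer.so"],
    "macOS bundle": ["flash player.plugin", "pepperflashplayer.plugin"],
}


def classify(name):
    """Return the plugin kind a file or directory name matches, or None."""
    lowered = name.lower()
    for kind, patterns in FLASH_PATTERNS.items():
        if any(fnmatch.fnmatchcase(lowered, p) for p in patterns):
            return kind
    return None


def find_flash(roots):
    """Walk each root and return sorted (kind, path) pairs for candidates."""
    findings = []
    for root in roots:
        # os.walk skips unreadable directories and does not follow symlinks.
        for dirpath, dirnames, filenames in os.walk(root):
            # macOS plugins are bundles (directories), so check both lists.
            for name in list(dirnames) + filenames:
                kind = classify(name)
                if kind:
                    findings.append((kind, os.path.join(dirpath, name)))
            # Do not descend into a bundle that has already been reported.
            dirnames[:] = [d for d in dirnames if classify(d) is None]
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python find_flash.py <dir> [<dir> ...]
    for kind, path in find_flash(sys.argv[1:] or ["."]):
        print(f"{kind}\t{path}")
```

Run it against plugin and system directories on each host, or against a mounted image, and feed the output into whatever tracks remediation.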

It can help to maintain up-to-date anti-virus and anti-malware software, but sometimes it takes days for vendors to develop patches for the latest vulnerabilities discovered, and by then it can be too late. Sticking to the larger, better known websites can also help, but as the attack delivered via Yahoo! proved, this is not 100 percent protection.

Sometimes, an ounce of prevention isn’t possible, and you have to depend on a pound of cure instead. Develop, test and practice a disaster recovery plan specifically for instances of malware infecting your systems via malvertizements.
