Is that ad banner over there trying to hack you? Maybe it’s your garden-variety paranoia. Maybe it’s malvertising – the cyber threat that delivers malware through online ads.
Malvertising, you said?
Indeed. It’s a portmanteau of malware and advertising (not to be confused with adware).
Yes, thank you. Like Brangelina. But dirtier.
Malvertising is what happens when attackers buy ad space in popular, legit websites and load them with ads infected by viruses, spyware, malware and all kinds of cyber filth you wish you’d never heard of.
Who has this affected so far?
A veritable who’s who of the world’s most trusted websites: Reuters, Youtube, MSN, Yahoo, The New York Times, Spotify… even The Onion. The list continues to grow.
So what happens, exactly?
Attackers piggyback on trusted, popular websites as a lure. They target clean and respectable places with lots of visitors like the ones we mentioned above. The sites themselves aren’t infected, and the ad providers don’t know they are blasting malicious ads into potentially millions of computers until it’s too late.
See, people may expect to catch something from visiting www.supersketchy-xxx.biz, but not, say, I don’t know - Reuters.
Wait. I hang out at www.supersketchy-xxx.biz
Right...maybe...don't? Moving on.
Often, when you open a website, your browser is actually connecting to several different URLs. One for the provider of the online ads, another one for the video content, yet another one for pop-ups… This adds to the complexity of figuring out exactly who is showing you what bit of the page you are looking at, and who is ultimately responsible for making sure that the content you are interacting with is safe.
Malvertisers love that complexity, and exploit it for their benefit and your cyber doom.
So, when I click on one of these ads...
… you get infected with all kinds of viruses and malware.
That’s fine by me, because I never click on ads. Right?
Not so fast. First, everyone clicks on ads sometimes, even if it’s just by mistake. And second, there are strands of malvertising that begin running malicious code the moment you open the page. No clicking or any other action required on your part.
I am officially concerned. Can we get to the part when you explain how people can protect themselves against this?
There are a number of things you can do right about now. Go ahead.
- Get a good antivirus, or upgrade your current one! This is really your first line of defense against malvertising and a ton of other forms of cyberattack. It just so happens we know where you can find a free one (cough, cough--plug).
- Install an ad blocker. Those bad boys can zap out ads before they even appear on your screen. There’s a little more to ad blockers than that, and not everything about them is great, so check this out before you get one. And if you’re a pro and you know what you’re doing, running a noscript extension will give you full control over what bits to let run.
- Disable Java. You don’t really need it. In most cases, you can probably live without Flash too. The fewer plug-ins you have enabled, the fewer potential doors you’re leaving open for malverts.
- Keep your plugins updated. Developers come up with fixes to security gaps all the time, but you need to make sure you have the latest version for them to be effective.
- Update your browser to the latest available version. Some malvertising attacks have tackled security holes in the browsers themselves rather than ads, so it pays off to make sure you have the latest security patches on when you surf the web.
Well, now I know
There you go. With these tips and a few clicks here and there, you can protect yourself from malverts.