SSL

Malvertising: New Threat in the Block

July 29, 2015 | By Editor 

Cyber criminals are using SSL redirects to deploy malware’s through ads in popular websites.

Malware authors are taking the definition of deceptive advertising to the next level. Malvertising – a portmanteau for ads tainted with malware’s – don’t mislead you into buying the advertised products; instead, they come embedded with malware’s that use the most sophisticated means of virus infection to victimize you.

The audacity of malvertising surpasses the security an SSL certificate provides, because they misguide the SSL redirects to achieve their very means. Upon clicking an infected ad, malvertisers deploy a chain of redirecting URLs encrypted with SSL; on the third click during the redirection, a malicious script plants itself into a victim’s computer.

Eventually, the malware detects a zero-day vulnerability in the system and is able to install a ransomware into the computer.

Well-known California-based security firm Cyphort recently released a report stating that the growing trend of malvertising has already affected several websites in Japan, Saudi Arabia, Turkey, and Vietnam. Statistically, these are popular websites with a relatively high number of visitors in their respective region, which is why malvertisers chose them to release their malice.
The smart alec cyber criminals are purposely avoiding websites hosted in U.S. servers because they know their plans might backfire due to the high level of scrutiny placed in American websites.

Despite that, some malvertisers recently unleashed viruses in a website owned by the American internet giant AOL. The biggest challenge for big brand websites like AOL is that they provide space for thousands of ads, and it is a monstrous challenge to diagnose them all for malware detection. According to industry experts, most of these malvertising viruses are hard to detect and treat because they are new.

The tragedy is, owners of these websites are oblivious of this dangerous trend; the ones that are aware are helpless because they have no control over the scores of ads that comes to them through an organized syndicate. But not all is a lost case, because the Interactive Advertising Bureau, the regulatory body that governs the distribution of online ads on the internet, is making it a high priority to spread the use of ad-blocking technology more than ever before.

Posted in SSL

Be Sociable, Share!

Leave a Comment


 


* fields are mandatory