Malificent Malvertising

By Stuart Fuller


"The lasting legacy from the Watergate scandal is that today any wrongdoing is immediately given the suffix 'gate'" was one of the final lines from the film Frost vs. Nixon.  The suffix has become part of everyday vocabulary, with Dieselgate being the latest addition to the lexicon, but has yet to make to transition to the digital world.  We still see two or three new words every year being introduced to represent an event or phenomenon.  Showrooming,  The Fappening, Ransomware all today have become well used words to describe digital events, but now we have a new one to remember.  Security firm Malwarebytes this week reported another major incidence of malware hidden inside online ads, similar to the issue which affected Yahoo earlier this year.

Malvertising is our latest worry according to the firm, based on an incident involving one of the world's most visited adult websites.  Millions of monthly users to the site may have been exposed to the threat although they would have had to have clicked on the banner ads to be affected.  The malware, which also made use of the security of cloud-based platforms to hide what it was doing, worked by redirecting anyone who clicked on the "enticing" advert to a page once it had determined that they were running Microsoft's IE browser and had identified the device's security settings, where the malware would be downloaded onto the user's machine.

Malvertising not only offers the threat of malware and viruses but the ever increasing risk of Ransomware, where the user would see a page containing false accusations of criminal activity and instructions for paying a fine to regain control of the computer.

The age old consumer advice of "if it looks too good to be true, it probably is" holds firm in the cases of Malvertising too.  Adverts that contained the malware hVe to be enticing to the user and their motives for visiting that website.  For adult and pornographic websites that offer will undoubtably be outlandish, but the cyber criminals only need one or two victims in their net to get their return on investment.