Exposing the Dark Side of Malvertising: How Cybercriminals Exploit Online Ads for Harmful Operations
If you’ve ever been casually browsing the web and suddenly come across an ad offering a deal that seems too good to be true, chances are it is. While online advertising connects us to real products and services, it can also hide a sinister threat known as malvertising. This combination of “malicious” and “advertising” refers to hackers using online ads to spread malware. These malicious ads can appear on unreliable sites and on well-known, reputable ones alike, including those you trust and visit regularly. Even while reading your favorite news site, you could unknowingly be exposed to a harmful ad.
How Malvertising Works
Malvertising is a clever cyberattack technique. Hackers create ads that appear completely legitimate and purchase ad space on websites or search engines. When one of those ads is served to you, your device can be infected without warning. There are two main ways this can happen:
1. Clicking on the Ad: Some malicious ads are designed to trick you into clicking them. Once clicked, you’re taken to a site loaded with malware, or a download begins automatically.
2. Drive-by Infection: Other ads don’t require any interaction at all. Simply loading the page with the ad can trigger malicious code to run on your device.
Cybercriminals are highly skilled at making their ads look legitimate, sometimes disguising them as sponsored content or as genuine results in your favorite search engine. This makes it difficult to determine which ads are safe.
Even well-known companies have unintentionally hosted malvertising. Major names like Lowe’s, Slack, and even trusted ad platforms like Google Ads have been affected. Hackers use advanced methods to sneak malware into major ad networks, often going undetected.
How Widespread is Malvertising?
Is malvertising really a big problem? The short answer is: absolutely. The numbers speak for themselves:
- In Confiant’s report for Q2 2023, malvertising incidents surged by 56% in just a single quarter.
- More than 2.8 billion malvertising impressions were recorded during that time—that’s a billion with a “B.” This means that nearly 3 billion times, someone was exposed to a malicious ad.
- 60% of these harmful ads were delivered through video and display ads, formats known for high engagement and, unfortunately, higher risk.
- High-profile platforms like social media and major news outlets are frequently targeted by these attacks.
Types of Malvertising
Not all malvertising operates in the same way. Here are the main types of tactics hackers use:
1. Drive-by Downloads: Simply loading the page is enough to trigger a malware download without you having to click on anything.
2. Fake Software Updates: These ads trick you into downloading what appears to be a critical software update, such as a security patch or Flash Player update, which is actually malware.
3. Phishing Ads: These ads pretend to be from a trusted company or service—like your bank or a popular retailer—designed to steal sensitive information such as passwords or credit card numbers.
4. Cryptojacking: Malicious ads can hijack your device’s processing power to mine cryptocurrency in the background, slowing down your system without you even knowing it.
5. Malicious Redirects: Some ads automatically redirect you to scam or phishing websites aimed at harvesting your personal data.
6. Exploiting Zero-Day Vulnerabilities: Hackers use these campaigns to exploit unknown or unpatched vulnerabilities in your browser or operating system, allowing them to install malware.
7. Ransomware Distribution: Some malvertising campaigns distribute ransomware, locking your device and demanding payment to unlock it. Infamous strains like TeslaCrypt and CryptoWall have spread through such methods.
Emerging Tools and Techniques in Malvertising
Hackers are constantly evolving their methods, and malvertising has become more sophisticated. Some of the latest tools and techniques include:
1. Steganography: Malicious code is hidden within seemingly harmless images or videos. Once the ad loads, the malware activates, making it difficult to detect using traditional security methods.
2. Exploit Kits: Hackers can buy pre-made toolkits like Rig, Angler, and Neutrino from the dark web. These kits allow even inexperienced attackers to target vulnerabilities in browsers, Flash, and Java.
3. Real-Time Bidding (RTB): Malicious actors use RTB platforms to quickly place harmful ads on high-traffic sites before the ads are vetted.
4. AI-Powered Phishing: AI technology is being used to craft incredibly realistic phishing ads that mimic brand logos and content, making it nearly impossible for users to tell the difference between real and fake.
5. Cryptojacking Scripts: Tools like Coinhive allow hackers to use malvertising to secretly mine cryptocurrency using the processing power of users’ devices.
Noteworthy Malvertising Cases
Malvertising has affected some major companies and platforms. Here are a few significant incidents:
- Spotify (2022): Users were redirected to phishing sites that mimicked Spotify’s login page, compromising thousands of accounts before the attack was stopped.
- Reddit (2023): Hackers ran malicious ads that led Reddit users to fake surveys, stealing their personal information.
- Slack (2024): A malvertising campaign infiltrated Slack’s ad network, compromising corporate accounts and exposing sensitive data.
How to Protect Yourself from Malvertising
The good news is that you can take steps to protect yourself from malvertising:
- Avoid Sponsored Search Results: Malicious ads often sneak into sponsored search results. It’s safer to enter website URLs directly rather than clicking on search ads.
- Keep Software Updated: Regularly update your browser, operating system, and plugins, as these updates often contain important security patches.
- Use an Ad Blocker: Ad blockers like uBlock Origin or AdGuard can prevent malicious ads from showing up on your screen.
- Be Cautious of Suspicious Ads: If an ad promises something unrealistic, like a free iPhone or large sums of money, it’s likely a scam.
- Install Antivirus Software: Tools like Bitdefender, Kaspersky, or Malwarebytes can help detect and block malware from malvertising campaigns.
- Use a Secure DNS Service: Services such as Quad9 or OpenDNS can block access to known malicious sites.
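As an added illustration (not part of the original article), the JavaScript below checks whether the page an ad leads to really belongs to the brand the ad claims, which is the check behind the advice on sponsored search results and phishing ads. The OFFICIAL allowlist, the function names and every sample URL are assumptions constructed for this example.

```javascript
// Added example: compare the brand an ad claims with where its click-through lands.
// OFFICIAL is a hypothetical allowlist; all sample URLs below are constructed.
const OFFICIAL = { spotify: ["spotify.com"], slack: ["slack.com"] };

function classifyAdLanding(claimedBrand, landingUrl) {
  let url;
  try {
    url = new URL(landingUrl); // WHATWG parser resolves the host the way a browser does
  } catch {
    return "invalid";
  }
  if (url.protocol !== "https:") return "insecure";

  const brand = claimedBrand.toLowerCase();
  const host = url.hostname.replace(/\.$/, ""); // drop a trailing root dot
  const domains = OFFICIAL[brand] || [];

  // Official only if the host IS the domain or a true subdomain of it.
  if (domains.some((d) => host === d || host.endsWith("." + d))) return "official";

  // Internationalized labels (xn--) can render as near-identical look-alikes.
  if (host.split(".").some((label) => label.startsWith("xn--"))) return "lookalike";

  // The brand name inside an unofficial host is a spoofing signal.
  if (host.includes(brand)) return "lookalike";

  // The ad claims the brand but lands somewhere unrelated.
  return "mismatch";
}

// Constructed sample ads: [claimed brand, landing URL]
const samples = [
  ["spotify", "https://accounts.spotify.com/login"],
  ["spotify", "https://spotify.com.account-verify.example/login"], // brand as a subdomain prefix
  ["spotify", "https://spotify.com@promo-deals.example/login"],    // brand in the userinfo part
  ["spotify", "https://spotifý.example/login"],                    // non-ASCII look-alike letter
  ["slack", "http://slack.com/downloads"],
];

function classifySamples() {
  return samples.map(([brand, url]) => classifyAdLanding(brand, url));
}

console.log(classifySamples());
```

Anything other than "official" means the destination should not be trusted with a login or a download, whatever the ad text and logo say.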
The Future of Malvertising
Unfortunately, malvertising is likely to continue evolving. As cybersecurity companies develop more sophisticated defenses, hackers also get smarter. However, AI-powered security tools are improving, with companies like Confiant and GeoEdge using machine learning to detect malicious ads before they reach users.
In the meantime, it’s crucial for all of us to stay vigilant and protect our devices by following best practices. By doing so, we can reduce the risk of falling victim to malvertising.