Malware Attacks Increasing Through Malicious Online Advertising

Popular websites, blogs and ad networks are fast becoming the preferred means of cybercriminals, identity thieves, and hackers to steal consumer information and distribute malicious content.

The most common attacks today are made possible by Web site / server hacks, against which publishers, with the exception of their off-site links, are probably best protected, and by user-contributed content, advertising and cross-site widgets.

However, virtually none of these Web sites or advertising companies has an effective means to uncover and identify the “drive-by” downloads, malicious software, and other fraudulent content that infect their properties through the plethora of user-contributed pages and the stream of advertising that is added to their sites on a daily basis.

In May, digital advertising technology company, the Rubicon Project, revealed some insight into emerging industry trends and market shifts that occurred in the first quarter of 2010 in its Online Advertising Market Report series.

The report showed that with the continued growth in online advertising, there is also an increasing trend in online threats through “malvertising,” a growing method used to distribute malware via advertising tags served through an unsuspecting publisher’s Web site, blog comments, forums and other forms of user generated content, allowing cybercriminals to create content that used to carry out a wide range of malicious attacks.

Google, in response to the increasing level of threats, setup Anti-Malvertising.com,  a Web site they call an “Investigative Research Engine.” The site, setup in June 2009, checks a variety of independent, third party sites that track possible attempts to distribute malware through advertising and serve as a resource to educating Internet users, ad network operators and publishers about the problems. Google also employs a “Head of Anti-Malvertising,” Eric Davis, who has been in the role since 2008.

“For publishers, advertising is about making money, but malicious ads change the equation. Publishers need better solutions to protect their customers from malvertising and the potential for malicious content on their Web sites,” noted Rob Lipschutz, co-founder and CEO of SiteScout, a company acquired by the Rubicon Project in May 2010 that helps protect publishers against malicious ads and other dangerous Web content. “The advertising ecosystem faces a stiff challenge and the problem is widespread and found in both direct advertising as well as more distributed ad networks. New ad formats also make the problem increasingly complex.”

Many of the digital ad serving platforms being used today were developed over a decade ago and not designed to cope with today’s massive volume of transactions from buyers and sellers around the world, creating a constant stream of new vulnerabilities in the system.

Advertisers and agencies often utilize “third party ad tags”, allowing them to control and monitor their ads which removing the ability for publishers to be able to control what ads are served. With larger publishers, ad networks and exchanges having thousands of different ad tags running at any given time, monitoring all campaigns and creative being served is a challenge. These disparate systems have had no universal quality control because nothing is tied together, driving the need for automation and technology innovation to eradicate the vulnerabilities of this process.

The need is clear for a solution aimed at publishers and advertising companies, the producers of content, rather than end-users, that provides visibility and advanced protection against the new kinds of attacks to prevent direct loss of revenue or risk to brand (leads to loss of revenue). In January, the Rubicon Project launched Rubicon Security, its first foray into protection against malware attacks on publisher customers’ sites. Combined with the acquisition of SiteScout,  the Rubicon Project has established a comprehensive solution to help combat malvertising within its platform.

Dasient, another company that protects businesses from web-based malware attacks, provides a Web Anti-Malware (WAM) service that can automatically identify and quarantine malware on websites, helping businesses avoid losses of traffic, reputation, and revenue.

The issue of malware will only increase as a key risk to publishers’ advertising businesses – and to the consumers driving those businesses – in the months ahead.



This entry was posted on Wednesday, October 5th, 2011 at 1:40 am and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.


Comments are closed.