If you didn't know, hackers buy advertising traffic on par with ads publishers. And you should think twice before clicking on any of the online ads you see on the Internet.
The latest research from The Media Trust shows that video ads have recently become a real target for hackers. Why? First of all, because video advertising is much harder to vet for quality. Secondly, the price for such kind of advertising is dropping, which makes the video ads a real target for hackers, while previously the high price was scaring them away.
Some time ago Jérôme Segura, senior security researcher at Malwarebytes, discovered the campaign that had been launched by hackers to infect victims via Yahoo online advertising. The infection chain was launched when the user visited the infected pages that were dedicated to games and the lives of celebrities. The success of this case was caused by the popularity of the Yahoo brand: according to Alexa.com, it took the 5th place in the global ranking of websites.
A study from RiskIQ shows that “malvertising” has grown by 260 percent in 2015 in comparison with the same period in 2014. Most of the malware came from fake Adobe Flash updates and fake antivirus updates (not even speaking about vulnerabilities in Adobe Flash itself).
Another study from the security firm Bromium says that 58 percentof malicious software was delivered through popular news and entertainment websites, including the trusted sites.
What about ad-blocking patches? On the one hand, you can install ad blocker on your machine and about 80 percent of advertising will be blocked. But on the other hand, advertising publishers and popular online publications are fighting against the ad blocking software. For example, such popular news website as The Washington Post prohibited access to the news for Internet users who used adblocks. The resource provides detailed instructions on how to disable the adblock and continue reading.
The most common way to protect yourself from malvertising is a good antivirus solution. Although antivirus software cannot stop malvertising, at least it will protect your machine in case of possible infection. One more way to shorten the number of malvertising is to enable click-to-run, so that the Flash player won’t play ads automatically However, all these actions will not protect your machine from malware attacks and data leakage until you personally pay attention to the ads that you click. Keeping an eye on what you click and what is stored in the downloads folder can help you keep your system safe.