Next year will see a rise in malicious advertising as a means to distribute malware.
Following news of scam ‘get rich quick’ schemes that led Google to file lawsuits, CA's State of Internet Security report for 2009 says that rogue security software is the most prevalent malware infection method and that attackers are taking advantage of rich content and media formats such as PDF, SWF, GIF and JPEG.
Joseph Souren, vice president of CA's internet security business unit across EMEA, said: “It is a cat and mouse game. Cybercriminals are evolving along with the malware community and are constantly looking for new vulnerabilities to exploit, from online banking to search index poisoning.”
The report claimed that search engine optimisation exploits and malicious advertising, which it calls ‘malvertising’, will increase in 2010. Rossano Ferraris of the internet security business unit explained that malvertising, search engine optimisation (SEO) and rogue anti-virus are generally correlated.
Ferraris said: “It happens when a message-ad on the internet lures users to click on to it and you are redirected to a malicious website hosting rogue software. The SEO is developed to get [into] an internet user's search results, redirecting them again to a malicious website hosting rogue software.”
He further stated that malvertising can take a number of forms, typically adverts with highlighted links such as ‘Your PC is infected! Click here to install our anti-virus software!’ that try to trick you into going to a site where malware is installed.
Legitimate adverts are also hijacked so that users are directed to malicious sites, and malware is disguised as adverts that exploit security vulnerabilities in web client software to install further malware.
Ferraris said: “The malware itself can be a so-called ‘infostealer’ programmed to steal users' confidential information, a bot which transforms the victim's PC into a zombie to launch DDoS attacks, or it can be a malicious process created to convince the users to purchase and install rogue software on their machine.
“Given the vastness of web content, it is very hard for search engine companies like Google and others to detect and control this kind of manipulation.”