Malvertising: a bigger problem than the industry thinks?
Advertising - not as benign as you might think - delivering malware to 1 in 5 computers.
As reported on Tuesday, a malicious advertising network - dubbed 'Kyle and Stan' - has been dropping malware on possibly millions of users via hundreds of Web sites, including Amazon, YouTube and Yahoo, according to a Cisco investigation.
The attack has been running since May and is described by Cisco as "highly sophisticated" because it delivers different 'mutating' adware and spyware depending on whether the recipient is a Windows or Mac user. The code also reportedly drops unique malware on every victim to help avoid detection.
So what is malvertising?
A shortening of `malicious advertising,' malvertising involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and Web pages.
It is very popular with cybercriminals, as a growing number of free Web sites rely on so-called `ad farm networks' to generate an income stream for them in return for allowing the automated display of adverts on their chosen Web portal.
First reported on as potentially brand damaging by Deloitte at the start of 2009 - about 18 months after the first malvertising attacks were spotted on the Internet - the problem has been growing steadily, as hackers target the ad farm servers for attack, on the basis that a successful incursion to the server in question can result in the compromise of many downstream Web sites.
According to AVG Threat Labs, an estimated 15 percent of global computer systems are infected, and, according to Diane McDonald, media manager with JupiterSupport.com, the US IT services and support firm, with the average American spending an average of 3.2 hours on social media each day, it's become increasingly easier for attackers to compromise millions of computers worldwide.
"When you crunch the numbers, one in five computers globally are affected by the Adware Generic Virus. This ratio is increasingly high considering there are more than a billion PC's being used around the world daily. This software's methods to solicit Internet-based commercial marketing efforts are not only illegal in many countries, but they also cause a major security risk and headache to users," she explained.
Because of the scale of malvertising, JupiterSupport.com says that users should update their operating system and other software on a regular basis and install effective IT security software.
Users should also complete a full computer scan regularly, scanning the computer regularly for malware - at least once every month - to detect and remove malware that has already been installed on the computer.
McDonald also advises PCs users on both sides of the consumer and business divide to steer clear of pop-up ads, as she says that many malicious Web sites try to install malware on the system by making images look like pop-up windows.
Over at Quocirca, the business and technology research house, Bob Tarzey, the firm's analyst and director, said that malvertising is a growing problem.
"It is actually beyond the advice from AVG and Jupiter, which has some merit - as my advice is to keep Web browsers up to date, as suppliers are starting to build in better protection," he said, adding that there is an onus on social media providers to put more effort in to ensuring that no malvertising gets on their Web sites in the first place.
The malvertisers may also meet their match in terms of US legislation, as the US Senate started an investigation into the problem in May of this year.
The investigation, which is due to complete later this year, may result in specific anti-malvertising legislation being enacted in the US, which will redouble the efforts of ad farm operators to better defend their systems.