Research by security company Malwarebytes apparently shows that the volume of malvertising-related attacks for the first five months of this year is already 25% higher than that for the whole of 2012. According to the company, this equals up to five million related exploits a day.
The company says it compiled the statistics by analysing all the malware in its global threat database. As well as detection and analysis, the database allows researchers to extrapolate detailed data on the latest and most complex threats on the Internet, according to the company.
The company said that further analysis reveals that about 60% of all malicious ads contain Java and Flash exploits which are used to spread exploit malware such as the Flashback Trojan, Hapilli and Zeus. Hundreds of sites are targeted through the ads, but attacks are often rotated, so when people report the threat there is no evidence of malicious intent.
“Malvertising has exploded over the last few months because it brings a way for cyber-criminals to target people en-masse in a simple and seemingly legitimate manner. Unfortunately it is often hard to spot and is hosted on seemingly legitimate websites,” said Marcin Kleczynski, CEO of Malwarebytes.
“In addition, once an exploit is downloaded, the payload is often the latest breed of malware, which is increasingly efficient at disabling or working around traditional anti-virus.
“Ad networks and providers should use better filters between ad source and the pages displaying the ad, as well as monitoring ads on an ongoing basis to ensure malicious code hasn't been added.”