‘Malvertising’ is a hacker’s newest method of destroying your computer

(Cyberwar.news) Hackers are becoming more creative as malware software improves, and it seems they are even using free market capitalism to access computers, reports Wired.

It’s called “malvertising” and it is when hackers legitimately buy ad space on a web site and, as the name hints, upload malicious advertisements that are designed to hack a site visitor’s system.

Wired reports further:

The news page looked perfectly innocent. Apart from the reams of celebrity gossip stories and throw-away magazine layout, nothing about the website for UK news site The Daily Mail seemed particularly malicious. But, if you visited the site in October, you might have fallen victim to a sophisticated hacking campaign without even realizing it.

In the background of The Daily Mail, third-party advertisements were secretly and automatically redirecting site visitors to powerful exploitation kits that were designed to install malware on computers.

That’s the booming – and shady – world of malvertising: Cyber criminals rent out ad space in corners of the Internet as well as popular sites in order to infect as many computers as possible.

Wired noted that malvertising can be traced back to at least 2009, when some site visitors to The New York Times site were met with a pop-up that posed as an anti-virus scanner. The attack on The Daily Mail was just one of many recent examples of attacks launched from mainstream sites. In August, The Huffington Post, which sees 100 million unique visitors monthly, was also found to be the target of malvertsing; indeed, Wired noted, that wasn’t the first time HuffPo was targeted. Other popular sites that have been hit include The Drudge Report and Yahoo! as well as Forbes.

Researchers at malware-security company Cyphort reported a 325 percent increase of malvertising attacks between June 2014 and February 2015, Wired reported.

How to stop this? Wired reports:

It’s up to users, site developers and the ad networks themselves to mitigate the problem of malvertising. 

Hélène Barrot, a representative from Google, told WIRED in an email that DoubleClick, the company’s ad platform (which has inadvertently been a part of malvertising campaigns), has taken a number of different approaches. It collaborates with industry partners, publishes research into malvertising, and uses malware detection tools. “In 2014, we disabled more than 524 million bad ads and we banned more than 214,000 bad advertisers,” Barrot said.

Segura doesn’t think that better ad scanning is going to help, though: There are just too many things to watch out for. Instead, he feels the barrier of entry should be raised, by imposing a large minimum fee for people signing up for ad networks, creating a bigger financial risk for criminals to take.

• Click here to ‘like’ Cyberwar.news on Facebook!

See also:

http://www.wired.com/2015/12/hacker-lexicon-malvertising-the-hack-that-infects-computers-without-a-click/