malvertisement (malicious advertisement or malvertising)

A malvertisement (malicious advertisement) is an advertisement on the Internet that delivers a malicious payload. 

A malvertisement (malicious advertisement) is an advertisement on the Internet that is capable of infecting the viewer's computer with malware. According to the network security company Blue Coat Systems Inc., malvertising is the current computer hijacking technique of choice for organized crime. Compromised computers can be used to create powerful botnets that can be used to carry out identity theft, corporate espionage or other nefarious activity.

Malvertisements are commonly placed on a website in one of these two ways: 

Legitimate advertisements: Initially, a criminal may place a series of malware-free advertisements on a trusted site that runs third-party ads and leave them alone for several months in order to establish a good reputation.

Later on, the criminal will inject a malicious payload into the ad, infecting as many computers as possible in a short amount of time before removing the malicious code or discontinuing the ad.  This type of attack is often run on websites that run third-party ads. By infiltrating popular syndicated online ad services, thousands of sites can be infected at once. Unfortunately, websites that run third-party ads can do little to protect their visitors because syndicated ads are not under their direct control. In fact, the company from whom they receive the ads may use ads from other publishers, so the original source of the advertisements can be several parties removed.

Pop-up ads:  A pop-up ad can deliver a malicious payload as soon as the ad appears on the viewer’s screen. Scareware, which is malicious code disguised as an anti-virus application, is often delivered through pop-up ads. In some cases, the malware will execute when the viewer clicks the “X” to close the pop-up window.   

Malvertisement infections are becoming so prevalent that many security experts recommend that users block all pop-up ads and create an application whitelist that will only allow their computer to run programs that have been positively approved.

 

This was first published in June 2011

Continue Reading About malvertisement (malicious advertisement or malvertising)

Glossary

'malvertisement (malicious advertisement or malvertising)' is part of the:

View All Definitions

Dig deeper on Emerging Information Security Threats

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close