igor - Fotolia
What is client-side injection malware and how does it work? Are there any additional security controls enterprises should put in place to mitigate such a threat?
Client-side injection malware is another variant of adware, potentially unwanted programs, spyware and other similar types of malicious code. CSIM requires unauthorized code to be installed on the endpoint to manipulate the ads displayed in a user's browser. The code could be a browser extension, an app that monitors for e-commerce discounts or "deals," or even something that changes network settings on an endpoint to alter what ads are displayed on the endpoint's browsers.
In a recent study, security vendor Namogoo outlined how there are millions of dollars to be made by manipulating what ads are displayed on an endpoint and hijacking a website's e-commerce traffic. CSIM authors can profit from displaying certain ads or from preventing certain ads from being displayed on an endpoint. For example, an ad displayed on a webpage could be changed from the intended ad to an ad from a competitor.
The same controls for preventing malware on an endpoint work for client-side injection malware, with the caveat that some companies that provide adware as well as coupon, deal or price notification apps operate on the border of legitimacy and might start changing how ads are viewed on an endpoint. As a result, additional vetting might be necessary to evaluate the risk of a particular app or program from such companies, as well as the risk of it including rogue functionality.
Learn more about the malvertising attacks on Yahoo ads
Dig Deeper on Web browser security
Related Q&A from Nick Lewis
Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading
Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading
Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these ... Continue Reading