Off late we have seen increasing number of clients coming for help with complains of browser infections like pop ups, hi jacks and ransoms etc. Surprisingly it is common to both of PC users and Mac users. This increase in victims of such malware threats are due to increase of new approach taken by the bad guys – Malvertising.
Malvertising can be delivered on wider scale simply by displaying advertisements on a web page. It’s usually spread without the knowledge of the site hosting the ads, and without the knowledge of the ad network the malware is riding on.
Even worse, malvertising can be designed to target specific systems as ad networks capture data like your browser, your operating system, and even where you’re physically located (all used to decide which ads to display), an intruder can use the ad network’s data to present malware specifically built, to target Windows or Mac machines in North America. Alternatively, the malware can only appear to users with Flash enabled, or to Internet Explorer or Safari users—anything to improve chances of an infection.
A lot of malware injected into ad networks are delivered to end computers through Flash and Java, but not all of it. In many cases, they make use of other zero-day exploits, either in the site running the ad (which then prompts you to download malware), or on the computer viewing it (which bypasses the prompt and just infects your computer.)
Malvertising is going to continue to be a problem, and while massive ad networks like DoubleClick and TradeDoubler and Yahoo’s own network are all trying to address it, it’s still up to each of us to protect ourselves, lock down our browsers with added layers of security, Anti Exploit programs and practicing safe browsing.