How do hackers use online advertising to serve their malicious purposes?
When it comes to online advertising, publishers spend a lot of time finding and selecting ads that are profitable and also relevant to their viewers. With too many advertisers, ads and different ad vendors, it is easy to overlook little details, which might mean placing ads that are harmful to anyone that views or clicks on them. Hackers use ad serving
as a quick way to spread malicious viruses, often called malvertising, and they do so in the following ways:
Distribute malicious ads
One of the most effective ways for hackers to wreak havoc is to place malware or a virus in the ads that they send out to legitimate sites. To the publishers and the ad reviewers, these ads look just like any other. To other certain group of viewers, which are specifically targeted by the virus creator, a click, or simply a view, is all it takes for the evil wheels to be in motion. This vector of spreading can have potentially hundreds of thousands of computers infected by the malicious code. The malware can be as simple as adding countless pop-ups or load more ads, or as destructive as having the ability to spy, wipe or steal data.
Pose as legitimate advertisers
You might wonder how ad vendors and publishers can be fooled by these types of ads, but it is not as easy as you might imagine. These bad actors very often pose as legitimate advertisers and companies. They might have a professional website with testimonials from supposedly clients and all contact information that might or might not be valid. They may even publish "normal" ads before unleashing malicious ads with their virus on an unsuspecting public. It is important to perform all necessary due diligent on all new advertisers.
Hit a wide audience
Hackers are often small groups or even individuals and are not always particularly well-funded, which is why online ads are a great way for them to spread their malware. With so many ad exchanges and ad networks, they really don’t need to spend an awful lot of money to get a bad advert out there and affect a lot of people in a short period of time.
Hit many sites at once
It is time consuming and difficult for hackers to fool individual publishers and place ads with one website at a time. That is why it is always safer to sell advertising directly to advertisers. However, the bad guys can do some real damage by placing corrupted ads on a host of different sites using ad exchanges and ad networks, which all have wider reach and more inventory. That is why as a publisher you need to be really careful when choosing an ad vendor for your ad publishing needs.
Target certain geographical areas
While some hackers like to go after as many people as possible, some want to go after certain countries or a certain part of the world. It really all comes down to the amount of damage they want to do and where they want that damage to be. With comprehensive adservers
, it’s easy to target a specific area to serve online advertising.
Target certain operating systems and browsers
Software has bugs and hackers exploit these vulnerabilities. This is why it is so important to constantly update your computer, from the operating system to the browser you use. If you are a publisher, make sure your website and all of its supporting components get updated regularly. New software versions plug known security holes. Leaving an old system active essentially opens the door for hackers to come in via malvertising. These updates are generally always free to perform, so get in the habit of making sure that you are always current in everything that you use to go and host online.
- How do criminals use advertising for their malicious purposes?
"There are countless advertisers out there who understand how easy it can be to reach a wide audience using online ads. It has become one of the most cost-effective ways to get your message out to the masses. " More
- How to avoid malicious ads from hacking your site?
"Viruses and malware are an issue for anyone who uses a computer, but they can be particularly problematic for online publishers with ad serving on their websites. It is not uncommon for a malicious piece of code to be installed in an ad, wreaking havoc on your own system, as well as on those who click on that ad on your site. " More
- Security concerns with online advertising
"Publishers are well aware that there is a lot of money to be made by showing ads on their website. However, the issue here is that when rushing to monetize their pages, there are some site owners who do not perform proper due diligence. " More