Malvertising is a combination of the words malware and advertising, and it is an attack strategy that hijacks legitimate online ads to distribute malware to victims. Users will think they are clicking on an ad for something they want to buy, but the advertisement will redirect them to a malicious page that then performs the intended attack. This attack strategy is dangerous because a malicious actor can use malvertising on any website they can successfully compromise, meaning these malicious advertisements can be found on almost any website that users interact with. In this article, we want to talk about everything you need to know about malvertising, so you can keep your work accounts and personal information safe!
What is Malvertising?
In a malvertising attack, a user will be taken to a command and control server operated by the malicious actor or threat group staging the attack. The server will then perform a drive by download, infecting the machine with malware. These attacks can sometimes be extremely sophisticated and check for applications on the user’s device in order to deploy the most effective ransomware for the given target. In the worst form of this attack, just loading the webpage hosting the malvertisement will cause the drive by download to initiate, automatically infecting the victim’s machine. Malvertising can also be used as an element of a phishing campaign or other attack strategies that do not involve web browsers.
What Damage Can Malvertising Do?
Once a malvertising attack has been successful, the kinds of malware it can infect a machine with are able to perform a wide variety of nefarious activity. For example, a malvertising attack can be the first step in launching ransomware, which can then encrypt data on the company’s network and grind the business to a halt until a ransom is paid. Spyware can also be installed silently, allowing the malicious actors to monitor the device’s activity and steal information without anyone noticing. As an attack strategy, malvertising allows hackers to deploy almost any kind of malware they choose, and this can make it an effective part of either widespread, untargeted attacks or planned advanced persistent threat attacks.
Mitigation Strategies
Although ads used in malvertising can’t usually be distinguished from legitimate ads, they can be stopped by ad blockers. Click-to-play plugin options can also be used to stop Flash or Java from being used without consent from the user, which can help identify malicious activity and stop the attack early. Other security solutions, such as endpoint protection and NDR, will help protect a small business’ network if an employee falls for a malvertising attack and malware is downloaded onto the device. One of the best mitigation strategies for preventing malvertising attacks is to train employees to not click on ads when they see them and to report suspicious emails that appear in their work inbox that contain suspicious ads.
Summary
Malvertising can be a dangerous attack strategy for small and medium businesses that are unprepared for it, but with the right protections and training in place, SMBs can often circumvent the threat. Our team here at Robinett Consulting recommend working with a reliable partner in IT to ensure that your network has the security solutions and training in place to prepare employees to spot and handle potential malvertising attacks. Your small business can take advantage of a complimentary consultation with us today, so we can help you strategize and implement cybersecurity solutions custom tailored to your IT environment!