Malvertising
Back to All Lessons

Many sites on the internet rely on embedded advertising to make money.

As the advertising industry has matured, a complex eco-system of ad networks and market places has developed to allow content providers to be matched with suitable advertisers.

Unfortunately, as ad-tech has grown more complex, hackers have recognized it as a new vector to deliver malware. Even big-name websites and applications have carried malvertising attacks in recent years.

If your site includes adverting, you are inviting a third-party to add content to your web-pages. Let’s see how you might be inadvertently exposing your users to malicious code.

Internet adverts are usually delivered via a “supply chain” of multiple nested services. This allows ad impressions to be resold and targeted to specific demographics, and response rates to be measured in real-time.

Each domain in the supply chain is a target for a hacker. If they can compromise servers hosting or routing advertising, they have a large pool of potential victims - a much more effective attack surface than hacking a single website.

A compromised server becomes a very effective way to spread malware because the attacker can target operating systems and browsers with known vulnerabilities.

Since only specifically vulnerable users are targeted, it can be very difficult for advertising networks to spot an infection! Hackers also use various tricks - like delaying the deployment of the payload, or only targeting every nth user - to defeat automated scans.

Malware can vary from annoying to malicious. A recent trend is the growth in ransomware, which locks up key files on your computer until a bitcoin ransom is paid.

Skull 48bdb4077813afe9762f27e229e64207ec59c3891a54a3adf931c2c91a6d99bd

If the adverts you host infect your users, they won’t be your users for very long. Let’s see how you can mitigate some of the risks around embedded advertising.

Adtech landscape 1 3c12710d2d15ddc492c6c32c3b3d5a239f3cb6de04fba5997caf8fb5c7bbe79f Adtech landscape 2 eb0532145051a4571defd2a052c16b9be00fe94c71ef35f09a1748cc106948c0 Adtech landscape 3 65a6197efd56a73c1fcc82cc00560d9128c7d4e45dde8d2bd7f66f5e0fd58eb9 Adtech landscape 4 590a65ebce8ce3d316a92d035fe33661b0448b5c7935053b61981732cab758fa Adtech landscape 5 868fe33cb9e5baed9bdc22a96379dd1220207f3f482a445dc74ee5c00d277c7c Adtech landscape 6 41babb277f959625cbc0b9d61308d1dbcec7053e3cdb8cec4ae78c0cfd2b5f27 Adtech landscape 7 9170b9d205e3a400654cdb8821d907b8940d4bdbd8fcc9391f7b6feeada74a0f
Google 6a968907e9b81122f27327b25e78c5adbdfe2fe1a617956c5486847615ce340f Lse 40c951717cf32173c9b499d3eecc65753d08b4cb1922c38a7579bb7b81e42414 Nytimes c1afee9f6ce08cc7d9383c444bcb64544617ca8ab11049178ebcb744e830f21e Skype 16b7efff6b06d6411f01e2f95bc539069b9735b1dff7f2208c97fecf5a498480 Spotify bc52ac5d33402a56c4f3d34ba9834028f526699c7c94caac725c291f06234291
Hacked 16d66a7c4096cf3ae5b7dd83b91ddadfb8034fcd16a0f3c0e6962daae4a45ff3
Hacked 16d66a7c4096cf3ae5b7dd83b91ddadfb8034fcd16a0f3c0e6962daae4a45ff3
Hacked 16d66a7c4096cf3ae5b7dd83b91ddadfb8034fcd16a0f3c0e6962daae4a45ff3
Hacked 16d66a7c4096cf3ae5b7dd83b91ddadfb8034fcd16a0f3c0e6962daae4a45ff3
Hacked 16d66a7c4096cf3ae5b7dd83b91ddadfb8034fcd16a0f3c0e6962daae4a45ff3
Hacked 16d66a7c4096cf3ae5b7dd83b91ddadfb8034fcd16a0f3c0e6962daae4a45ff3
Hacked 16d66a7c4096cf3ae5b7dd83b91ddadfb8034fcd16a0f3c0e6962daae4a45ff3
Hacked 16d66a7c4096cf3ae5b7dd83b91ddadfb8034fcd16a0f3c0e6962daae4a45ff3
Laptop browsing 710aaf74e4bf7617ef0ace7e33f8faafa7e82d28ff85fe964f90374c2bb62997 Laptop hacked 4ec24d9e01b98508ec6f22d4a0e80a29fadcc112a244758a4f4c23f6b10c9b60
Is your site vulnerable?
Netsparker n 834848961a0bf6ec5556448ff47f421d0b1204a572877a59717064b1088e8c43
Check today. Scan your website for Malvertising and other vulnerabilities with