Racy or benign, your favorite sites have likely exposed you to malware-laden ads

How likely are you to get hit with malware from an ad, even if you
don't surf piracy or porn sites? Not very, but still more likely than
you might think.

The research paper also found that malvertising distributors didn't seem to
care which kinds of sites were used as a vector. Adult sites, which
conventional wisdom associates with malware-infected advertising, were
only 10 percent of the total number of sites delivering infected ads,
while mainstream news and entertainment sites together constituted 29
percent.

Aside from hackers buying ad impressions outright, some of the problems
with malware in advertising networks can be
attributed to issues like ad arbitration, wherein slots for ads get
resold without the knowledge of the publisher. By the time an ad reaches
a user, it might have passed through so many hands that few people
would be aware it contained any malicious elements.

Whatever the exact mechanism, plenty of historical precedent shows that
malware-delivering ads can sneak in nearly anywhere. Back in January,
researchers warned that the ads.yahoo.com domain was serving malware-infected ads
that targeted vulnerabilities in Java, a common exploit vector. As of
this September, DoubleClick and Zedo were found by security researchers
at Malwarebytes to be delivering malware
as well. Lastline determined that DoubleClick was one of the cleanest
ad networks, with a 99.6 percent "benign" rating, although it's easy to
see where some of the remaining 0.4 percent came from.