Malvertising: The Dark Side of Online Ads and How to Protect Yourself

If you’ve ever been browsing online, minding your own business, and suddenly an ad pops up offering you something too good to be true, well, it probably is. Online advertising can connect us with legitimate products and services, but lurking in the shadows is malvertising.

Malvertising a mix of malicious and advertising is when hackers use online ads to distribute malware or other harmful code. These malicious ads can appear on both dodgy and highly reputable websites, even those you visit regularly and trust. Yes, you could be innocently scrolling through a popular news site when bam! a rogue ad strikes.

How Does Malvertising Work?

Malvertising is a crafty form of cyberattack. Hackers create ads that look completely legitimate, buy ad space on websites or search engines, and then… boom you’re hit. The ad can infect your device in one of two ways:

1. By Tricking You to Click: Sometimes, the ad’s goal is to get you to click on it, where it leads you to a malware-laden site, or even initiates a download right from the click.???

2. Drive-by Infection: In other cases, you don’t even need to interact with the ad. Simply having it load on the page can be enough to launch malicious code on your device.

Malicious actors are skilled at mimicking legitimate ads, sometimes disguising them as real sponsored content or as paid results from your favourite search engine. This makes it harder to tell what’s safe and what’s not.

Even big, trustworthy companies aren’t immune to hosting malvertising. Lowe's, Slack and even reputable ad networks like Google Ads have been caught in the crossfire. Hackers use highly sophisticated techniques to sneak their malware into mainstream ad networks, slipping under the radar.

How Bad Is It?

Wondering if this is really happening on a large scale? The short answer: yes, it’s happening a lot. Let’s break down the numbers:

- According to Confiant’s Q2 2023 report, malvertising incidents skyrocketed by 56% in just a single quarter.?

- They detected over 2.8 billion malvertising impressions during that period. Yes, that's billion with a "B." This means that nearly 3 billion times, someone encountered a malicious ad.

- 60% of these harmful ads were delivered via video and display advertising, formats known for high engagement and, unfortunately, high risk.

- The problem is even worse for high-profile platforms, with social media users and readers of major news outlets being frequently targeted.

Types of Malvertising

Not all malvertising is the same. Here’s a look at the various tactics hackers use:

1. Drive-by Downloads: You don’t have to click on anything—just loading the page is enough to trigger a malware download. It’s like walking through an invisible booby trap.

2. Fake Software Updates: These ads trick you into downloading what seems like a necessary software update, maybe for Flash Player (if you’re still using it in 2024… let’s talk) or for a security patch but in reality, it’s malware disguised as something useful.

3. Phishing Ads: These malicious ads lure you in by pretending to be something legitimate like a request from your bank or a deal from a trusted retailer but are designed to steal your passwords, credit card info, or other sensitive data.

4. Cryptojacking: Malvertisers can hijack your device’s processing power to secretly mine cryptocurrency, all while you’re none the wiser. Your device might slow down or overheat, but by the time you notice, it’s already done some digital heavy lifting.

5. Malicious Redirects: Some ads redirect you to scam websites or phishing pages designed to harvest your personal data. You think you’re visiting a legitimate website, but one rogue click takes you to a fake version.

6. Exploiting Zero-Day Vulnerabilities: These are malvertising campaigns that take advantage of unknown or unpatched software vulnerabilities. If your browser or operating system isn’t updated, hackers can exploit these holes to install malware.

7. Ransomware Distribution: Malvertising is also a vehicle for distributing ransomware. Once infected, your device locks up, and you’re asked to pay a ransom to unlock it. Infamous ransomware strains like TeslaCrypt and CryptoWall have been spread this way.

Recent Tools & Technologies Used in Malvertising

Hackers don’t just rely on old-fashioned tricks. Malvertising has become highly advanced with new tools and technologies:

1. Steganography: This is the practice of hiding malicious code inside seemingly harmless images or videos. The malware activates once the ad is displayed, making it hard to detect visually or through traditional security tools.???

2. Exploit Kits: Prepackaged toolkits like Rig, Angler, and Neutrino have become widely available on the dark web. These kits allow even low-level hackers to easily target vulnerabilities in browsers, Flash, Java, or even specific devices.

3. Real-Time Bidding (RTB): Hackers use RTB platforms to quickly insert malicious ads into high-traffic websites. These platforms allow advertisers to bid for ad space in real time, and cybercriminals exploit this system to inject their ads before they’re vetted.

4. AI-Powered Phishing: AI is being used to create hyper-realistic phishing ads that are almost indistinguishable from legitimate ads. These AI-generated campaigns can mimic everything from brand logos to writing styles, making it difficult for even the savviest users to tell what’s real and what’s fake.

5. Cryptojacking Scripts: Tools like Coinhive have been used in malvertising to hijack users' CPU power to mine cryptocurrencies like Bitcoin or Monero. Users often have no idea their device is being used for this purpose until they notice the performance slowdown.

Recent Malvertising Cases

Malvertising is hitting some big names and high-traffic platforms. Here are a few notable cases:

- Spotify (2022) : A malvertising campaign targeted Spotify users, redirecting them to phishing sites that mimicked the music platform’s login page. Thousands of accounts were compromised before the attack was caught and stopped.?

- Reddit (2023) : Hackers used malicious ads on Reddit to redirect users to fake surveys that promised prizes. Instead of winning gift cards, users ended up giving away personal information to cybercriminals.??

- Slack (2024): A malvertising campaign infiltrated Slack’s ad network, leading users to phishing pages that resembled Slack’s login screen. Multiple corporate accounts were compromised, exposing sensitive company data.

How to Protect Yourself from Malvertising

The good news is that protecting yourself from malvertising isn’t impossible. With a few smart steps, you can avoid becoming a victim:

1. Avoid Sponsored Search Results: Malicious ads often sneak into sponsored results. It’s safer to type the website URL directly into your browser instead of clicking on a search ad.

2. Keep Your Software Updated: Updates aren’t just about getting new features, they patch security vulnerabilities. Make sure your browser, operating system, and plugins are always up to date to reduce your risk.

3. Use an Ad Blocker: Ad blockers like uBlock Origin or AdGuard can prevent malicious ads from appearing in the first place. Many browsers also come with built-in ad-blocking options, so make sure yours is activated.

4. Be Wary of Too-Good-to-Be-True Ads: If an ad is promising you a free iPhone or $10,000 for working from home, it’s probably a scam. These ads are often designed to lure in victims with enticing but fake offers.

5. Install Antivirus Software: Reliable antivirus tools like Bitdefender, Kaspersky, or Malwarebytes can detect and block malware that may sneak onto your device through malvertising. These programs often come with phishing protection as well.

6. Use a Secure DNS Service: Services like Quad9 or OpenDNS can block access to malicious sites by filtering the DNS requests, stopping malvertising sites before they even load.

What’s Next for Malvertising?

Unfortunately, malvertising isn’t going away any time soon. As cybersecurity companies develop more advanced defences, hackers find new ways to sneak their malicious ads into ad networks.?

However, AI-powered security systems are getting better at detecting and filtering out malicious ads before they reach your screen. Companies like Confiant and GeoEdge are leading the charge, using machine learning to detect suspicious behaviour in ad networks.

For now, it’s up to all of us to stay alert and keep our devices protected. By taking these precautions, you can significantly reduce your risk of falling victim to malvertising.

Have you encountered any sketchy ads or malware online? Let me know in the comments, and share your tips on staying safe!