Advertising plays a big role in how the internet functions. The ads you see on many sites help cover operating costs to keep the site going. Everything from internet connections to the electric bill and hardware servers is paid for by these ads.
Unfortunately, hackers are coming up with sneaky ways to use ads for their own gain. I am going to tell you about a huge "malvertising" network that was recently discovered. It had been in operation and gone undetected for several months.
Malvertising is when hackers put malicious code into a digital ad and submit it to an ad network. It then appears on legitimate websites and can infect your system with malware if you click on it.
A massive malvertising operation known as AdGholas was recently shut down. It had been operating since October 2015 before it was finally discovered. Millions of computers were put at risk.
AdGholas resulted in over 100 ad exchanges being hit with malicious advertisements. The affected ad exchanges get anywhere from 1 to 5 million page hits every day. It's estimated that between 10 and 20 percent of computers that loaded the malicious ads were redirected to servers that hosted exploit kits.
AdGholas creators used a series of sophisticated techniques that allowed it to go undetected for months. They used stenography to fool malware scanners and stay off their radar. They even filtered victims based on geolocation, distributing different malware programs to different regions.
This is the first known successful use of stenography in a malvertising attack, which could lead to more and more successful malware attacks in the future.
It's important to protect yourself against malvertising. Three basic tactics will help you to avoid clicking a fake ad:
- Always check your browser's URL whenever you click a link. If the domain name changes, then you know that a link took you to the wrong place.
- Research an app before you buy it. Just because an app claims to do something like "clean up" your computer doesn't mean that it actually does.
- Only download apps from sites that you're familiar with. If you know where the download button is located, then you won't get tricked by a malicious ad.