Malvertising

An example of a malicious advertisement

Malvertising is a tactic wherein cybercriminals exploit or hijack online website advertisements to disseminate malware. In contrast to typical adware tactics, malvertising enables threat actors to inject malware into seemingly innocuous ads. Your network can be compromised simply by encountering these ads, even without clicking on them.

Perpetrators of malvertising often purchase ad space that appears alongside internet search results, using domains closely resembling legitimate businesses or services. These ads are prominently displayed at the top of search results, blurring the line between an advertisement and an authentic search outcome. They lead users to meticulously crafted webpages to mimic genuine business sites' appearance.

When users seek to download software, these deceptive web pages feature links to malware. The download process appears genuine, with the downloaded file named after the desired program, further enhancing the deception.

Beyond software downloads, malvertising has been utilized to impersonate financial websites, notably cryptocurrency exchanges. These malicious sites mirror authentic exchange platforms and coax users into providing login credentials and financial details, enabling criminal actors to perpetrate theft.

  • If you encounter sudden and unexpected website redirects, especially to suspicious or unrelated sites, it could be due to malvertising.
  • Be cautious if you see pop-up ads claiming your system is infected or urging you to download software immediately. Malvertisers often use these tactics.
  • Malvertising can consume system resources, leading to sluggish performance. If your computer suddenly becomes slow, investigate further.
  • Unexpected behavior from your browser, such as new toolbars, search engine changes, or altered homepage settings, may indicate malvertising.
  • Ads that look sloppy or unprofessional, with spelling mistakes. 
  • Ads that have unrealistic promises, such as amazing cures. 
  • Any ad that advertises something too good to be true.
  • Ads that do not seem to align with your recent search activity.
  • Before clicking on any advertisement, verify the URL to ensure the site's authenticity. Malicious domains may resemble the intended URL but contain typos or slight variations.
  • Instead of relying on search engines, manually enter the URL of the desired business or financial institution into your browser's address bar to directly access the official website.
  • Consider using ad-blocking extensions while browsing the internet. Most web browsers offer extensions that can selectively block advertisements. These extensions can be toggled on or off to allow ads on specific websites while blocking them on others.
  • Keep your software and web browsers updated with the latest security patches to safeguard against vulnerabilities. Utilize reputable ad-blocking and security software to enhance your online safety.
  • Regularly backup your data to minimize the risk of potential data loss.

If you've encountered malvertising, follow these steps to recover:

  • Immediately disconnect your device from the internet to prevent further data transmission.
  • Use a reliable antivirus program to scan your entire system and remove any malware.
  • If the malware has caused significant damage, consider restoring your system from a clean backup.
  • Ensure that your system and security software are up-to-date to prevent future attacks.
  • Strengthen your defenses by implementing preventive measures such as regular backups and safe browsing habits.
  • Keep an eye on your system for any signs of suspicious activity even after recovery.

References: