Malvertising Attacks: The Beginning

The cyber-crooks are back. This time, they are targeting multiple websites, from NetZero, AdSpirit and Weather Underground to Drudge Report. Even though these websites use VPNs for their systems, none of them held off the attacks.

Recent malvertising attacks on Yahoo! hacked thousands of its users

The malvertising attacks had been running in silence for weeks. As they came to the surface, they began to target registered members of the world's top publishers. First, the attackers load the attack script via AdSpirit.de. Then, when someone clicks the ad, the site redirects them to an Azure website. Unless you are a security expert, it would be difficult to detect this malicious activity. This is because the malvertisers use HTTPS to secure the URLs, not a VPN.

The recent Yahoo! attack taught us many things. We learned about the extensive damage. On top of that, we learned how the malvertisers use internal servers for their cause. By using two domains to redirect Yahoo! users, these malvertising attacks were a success. They led thousands of Yahoo! users to the infamously dangerous Angler Exploit Kit.

Malvertising Attacks: A Threat Nearly Without Solutions

Malvertising is dangerous because it does not require user interaction to deliver the payload. It harnesses the following online advertising facts:

1. Online ads are almost everywhere.

2. No matter the case, companies are less likely to work together, even when it involves their security.

So, if I were a hacker, I could not ask for better reasons to attack than these two facts. My attacks would become less visible, and I could target millions of internet users.

If I were a hacker, when should I attack?

As we speak, malvertisers are developing their attacks. They have begun to use multiple SSL redirectors to encrypt traffic. They already used this scheme in the recent AdSpirit case, when 10 million users became victims. So, unless you use a VPN to secure your connection, you would end up at a certain malicious website.
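From the defender's side, a chain of HTTPS redirectors that starts at an ad-serving host can be reconstructed from the logs of a TLS-inspecting proxy. The following is an added example, not code from the original article; the log format, the host names and the threshold of three sites are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed sample records, as a TLS-inspecting proxy might log them (assumption):
# (requested URL, HTTP status, Location header or None)
SAMPLE_LOG = [
    ("https://ads.adnetwork.example/serve?slot=7", 302, "https://r1.redirector-a.example/go"),
    ("https://r1.redirector-a.example/go", 302, "https://r2.redirector-b.example/next"),
    ("https://r2.redirector-b.example/next", 302, "https://landing.cloudhost.example/index"),
    ("https://landing.cloudhost.example/index", 200, None),
    ("https://ads.adnetwork.example/serve?slot=9", 302, "https://cdn.adnetwork.example/banner.js"),
    ("https://cdn.adnetwork.example/banner.js", 200, None),
]
AD_HOSTS = {"ads.adnetwork.example"}  # hypothetical list of known ad-serving hosts

def site(url):
    """Crude site key: last two host labels (a real tool would use the Public Suffix List)."""
    host = urlsplit(url).hostname or ""
    return ".".join(host.split(".")[-2:])

def follow(start, hops, max_hops=10):
    """Walk redirect hops from start, stopping on loops or after max_hops."""
    chain = [start]
    while chain[-1] in hops and len(chain) <= max_hops:
        nxt = hops[chain[-1]]
        if nxt in chain:
            break
        chain.append(nxt)
    return chain

def suspicious_chains(log, ad_hosts, min_sites=3):
    """Return redirect chains that begin at an ad host and cross >= min_sites distinct sites."""
    hops = {url: loc for url, status, loc in log if 300 <= status < 400 and loc}
    findings = []
    for url in hops:
        if urlsplit(url).hostname not in ad_hosts:
            continue
        chain = follow(url, hops)
        sites = list(dict.fromkeys(site(u) for u in chain))  # ordered, de-duplicated
        if len(sites) >= min_sites:
            findings.append({
                "chain": chain,
                "sites": sites,
                # HTTPS on every hop hides the chain from passive network monitoring
                "all_https": all(urlsplit(u).scheme == "https" for u in chain),
            })
    return findings

if __name__ == "__main__":
    for f in suspicious_chains(SAMPLE_LOG, AD_HOSTS):
        print(" -> ".join(f["sites"]), "| all HTTPS:", f["all_https"])
```

The second sample request stays within the ad network's own site and is not flagged; only the chain that hops across unrelated sites is reported for review.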

These malvertising attacks took advantage of systemic weaknesses in the web ecosystem. They focus on the validation and verification process. They then combine this with the lax patching and the scale of the ad systems. Scale is a crucial aspect of the attack: only a successful ad penetration brings many victims. However, none of the attacks would succeed without widespread lax software patching. This is the key element of successful malvertising attacks.

Typically, exploit kits focus on two things: your software vulnerabilities and core web browsers. In most cases, the attacks succeed for one reason: only a few users update and patch their software and hardware. We are losing our awareness of how to stay safe on the internet, allowing malvertisers to attack us.
