Malvertising -- What is it?

Malvertising is one of the most pernicious and least understood threats on the Internet. Malvertising -- malicious advertising -- injects malware into legitimate online advertisements. When an unsuspecting person clicks on the ad, malicious code is injected into the person's computer. This code allows the hacker to take control of the computer, exfiltrate financial or sensitive information, and/or lock the computer and hold it for ransom (ransomware). In addition, the hacker can add the computer to a botnet for later exploitation. What makes a malvertising attack so difficult to detect is that the entire process goes on behind the scenes. The user is completely unaware.

Why don't advertisers do something about this? Even they are unaware until someone complains. The sheer volume of ads, many of which are updated daily, makes it very difficult for advertising networks to perform a thorough analysis of each ad to detect malware. Many websites also rely on third party vendors to display their ads, automating the process.

What Protection is Available?

Preventative best practices always apply and no more so than in this case. Ensure all hardware and software, particularly web browsers, are kept up-to-date. Flash and Java are particularly vulnerable, so best to check these first for updates. Better yet, disable Flash or configure it for minimum interaction, so it's only active when any given website requires it. Always close browser windows when not in use, and consider using an add-on ad blocker like uBlock Origin for additional protection.

Another protection is for you to type in the web address (URL) of the product or service you want, instead of clicking on an ad in a page.   You can use Google to make sure you're going to the real website, and not a fake with a similar spelling.