New Method of Malvertising Utilizes Vulnerable Websites to Deliver Malicious Ads
The Discovery
In a recent blog post, Jerome Segura, senior director of threat intelligence at Malwarebytes, uncovered a new method of using vulnerable websites to deliver targeted ads that carry malware. This technique takes advantage of Google‘s dynamic search ads feature, which pairs ads with search results based on the content of a landing page. Segura stumbled upon this malicious ad while searching for keywords commonly used by hackers. The ad he encountered appeared to be related to the Python programming development environment, PyCharm, but upon closer inspection, its source was a wedding planning site. This mismatch between the ad title and description raised suspicions, leading Segura to identify a spam-generating malware injected into pages on the wedding site.
The Accidental Nature of the Attack
Segura speculates that the creation of the ad itself may have been accidental, as the threat actor likely didn’t plan for it to be seen in a Google search. Typically, malicious software ads match their content to the title, showcasing the threat actor’s effort to create a convincing ad. However, in this case, the ad’s title and description didn’t align. The attacker used a compromised advertiser account and didn’t make the necessary effort to create a convincing ad. Segura questioned why someone would create a title that didn’t match the description, leading him to uncover the malware-infested pages on the wedding planning site.
The Scale of the Threat
If an unwitting visitor were to click on the PyCharm pop-up link, they would experience a significant surge of malware infections, rendering their computer completely unusable. Segura suggests that the attacker’s motive may have been to maximize the monetization of malware downloads, potentially earning commissions in the world of cybercrime. This method of malvertising creates a tsunami of malware that overwhelms victims and poses a significant threat to cybersecurity.
Security for Small Business Websites
An Untapped Vulnerability
Segura highlights the vulnerability of small and midsize businesses’ websites, which are often developed by web agencies and then neglected in terms of follow-up and maintenance. The core WordPress software used by these websites, as well as any plugins employed, can become outdated, leaving them exposed to security risks. Hackers can easily exploit these websites by crawling through entire IP ranges and compromising them en masse. With countless small business websites at risk, urgent action is needed to address this potential threat vector.
Google‘s Role in Protecting Users
While small businesses may lack the resources and knowledge to maintain proper security measures for their websites, Segura suggests that Google could play a role in helping search engine users avoid landing in malware traps. He proposes that Google should flag cases where targeted ads and website content significantly diverge, such as when a wedding website displays an ad for software or when a restaurant advertises a piece of software. These inconsistencies should serve as immediate red flags for Google, as they indicate a strong likelihood of malicious activity. By proactively identifying and warning users about potential threats, Google can contribute to a safer online environment for all.
Editorial: The Growing Threat of Malvertising
A Persistent Challenge in Internet Security
The discovery of this new method of malvertising highlights the ongoing struggle faced by internet users and security professionals. As technology evolves, cybercriminals adapt their tactics to exploit vulnerabilities and find new ways to deliver their malicious payloads. Dynamic search ads are just one example of a legitimate feature that can unwittingly aid malicious actors in their endeavors.
The Need for a Multi-layered Approach
To combat this threat, it is crucial to adopt a multi-layered security approach that includes proactive measures at various points, from website development and maintenance to search engine oversight and user education. Businesses must prioritize website security by regularly updating core software and plugins to ensure they have the latest security patches. Additionally, investing in reputable security solutions and consulting with cybersecurity professionals can help identify and mitigate potential risks.
Raising Awareness and Collaboration
In addition to individual efforts, a collective response is needed to address the growing threat of malvertising. Collaboration between web agencies, search engines, and cybersecurity experts is essential. By sharing information, best practices, and collaborating on developing proactive security measures, we can create a more resilient online environment.
Advice for Internet Users
Vigilance in Clicking and Browsing
Internet users must remain vigilant when clicking on ads or visiting websites. Be cautious of ads that appear suspicious or out of context with the website content. If an ad or website seems mismatched or too good to be true, it might be a potential threat.
Regularly Update Device and Software
Ensure that your devices, operating systems, and applications are up to date with the latest security patches. Regular updates help protect against known vulnerabilities and close potential avenues for malware attacks.
Use Reliable Security Software
Install and regularly update reputable antivirus software and firewalls on your devices. These security tools can detect and block malicious activities, providing an additional layer of protection against malvertising and other cyber threats.
Exercise Caution with Downloads
Be wary of downloading software or files from untrusted sources. Stick to reputable websites and official app stores to reduce the risk of inadvertently downloading malware-infected files.
Report Suspicious Activity
If you encounter suspicious ads, websites, or malware, report them to the appropriate authorities or service providers. Reporting such activities helps protect others from falling victim to cybercrime and contributes to efforts in combating malvertising.
Continued Education and Awareness
Stay informed about the latest cybersecurity threats and best practices. Regularly educate yourself about the latest techniques used by cybercriminals and how to protect yourself and your devices. With knowledge and awareness, you can actively contribute to a safer online community.
<< photo by Masood Aslami >>
The image is for illustrative purposes only and does not depict the actual situation.
You might want to read !
- Preventing Attacks: New Research Bolsters Infrastructure Resilience
- Budget Cuts Threaten Enterprise Cybersecurity: Examining the Implications of CISA’s Funding Woes
- Boeing Braces for Cybersecurity Crisis: LockBit Gang Claims Ransomware Breach
- Cutting Corners: The Potential Impact of CISA Budget Cuts on Enterprise Cybersecurity
- “Exploring Canada’s Decision to Ban WeChat and Kaspersky on Government Phones”
- UAE’s Cyber Council Raises Alarm on Google Chrome Vulnerability
- Driving Cyber Connections: UAE and US Treasury Forge Strategic Partnership in Cybersecurity
