有许多方法被用来危害Internet用户,以便网络犯罪分子可以获取他们的信息。一旦计算机被入侵,网络犯罪分子就可以将用户的数据用于他们想要的任何事情。此类事件甚至可能导致身份盗窃(Identity Theft),网络犯罪分子使用您的身份进行贷款等,让您一团糟。在许多新的危害计算机的方法中,有 – 恶意广告(Malvertising)。让我们来看看什么是恶意广告以及如何通过避免它来保持安全。
什么是恶意广告
Malvertising 或 Maladvertising 包含两个词:Malicious + Advertising。这不仅仅是关于诱使用户访问钓鱼(Phishing)网站的恶意误导性广告。恶意广告(Malvertising)是指当您将鼠标悬停在或单击广告时,通过在其上下载简短的恶意代码来破坏您的计算机。一些广告甚至会将恶意代码下载到您的计算机上,而网站仍在后台加载。在这种情况下,只需访问一个网站,用户就可以通过Drive-by-downloads感染。
网络犯罪分子使用广告作为入侵您计算机的手段。由于这些广告看起来很真实,用户点击它们期望被带到一个网站,在那里他们可以获得有关广告的更多信息。但是,点击操作不会被重定向,而是触发将一小段恶意代码下载到用户的计算机上。事实上,感染甚至可以在后台静默发生,即使浏览器正在加载广告。由于提供这些广告的广告网络非常庞大,因此几乎不可能识别出恶意广告背后的个人或组织。(person or organization)许多受欢迎的网站最终也会在不知情的情况下投放此类广告而没有任何有害意图,因为他们不知道这些广告是恶意的。
恶意广告如何运作
无需入侵网站即可在该网站上放置恶意广告。相反,犯罪分子使用广告网络在数以百万计的网站上插入他们的广告。如果您知道互联网(Internet)上的广告是如何运作的,那么您就会知道,一旦提交了广告,经过审查,它就会被推送到互联网(Internet)上,并出现在与用户键入的关键字相关的网站上,以获取任何类型的信息。
网络犯罪分子使用展示广告(display advertising)来传播恶意软件。可能的攻击媒介包括隐藏(code hidden)在广告创意(ad creative)中的恶意代码(例如swf 文件(swf file))、嵌入网页的可执行文件或捆绑在软件下载中。所有网络发布商和网站都是恶意软件作者试图通过将恶意代码隐藏在广告的SWF ( Flash ) 文件、GIF 文件或登录页面(GIF file or landing page)中来传播其软件的潜在目标。
如果广告商或代理机构(advertiser or agency)向您提供受感染的广告,您的计算机和个人信息以及您网站访问者的信息可能会受到严重伤害。Google 的 Anti-Malvertising.com 网站(Google’s Anti-Malvertising.com website)提供了一些广告发布商和网站所有者可能想要查看的(check out)提示。
尽管知名的广告网络确实会检查广告中明显的因素,例如违禁词、违禁产品等,但如果没有对代码进行适当的审查,恶意广告可能会溜走!在这种情况下,广告网络(ad network)通过在各种网站上展示具有传染性的广告,将数百万用户置于危险之中。还有其他广告网络(ad network)甚至可能忽略这种恶意广告,以吸引好钱。
在其他情况下,犯罪分子声称代表真正的机构,直接向网站而不是广告网络提交干净的广告。随后,他们将恶意代码附加到广告中,该广告下载到点击网站广告的用户的计算机上。过了一会儿,当达到目标时,犯罪分子删除了密码。广告在合同期内(contract period)一直在那里。在(Between)附加和删除代码之间,犯罪分子可以侵入大量计算机,因此,有关不同互联网(Internet)用户的大量信息掌握在他们手中。他们可以将这些信息用于他们喜欢的任何目的。
如何避免恶意广告
预防(Precaution)是避免恶意广告的唯一关键。恶意广告甚至可能出现在知名网站上。如果有任何广告看起来很有希望,那就避开它们。例如,弹出窗口说您是第 100 位访客并被选中获得奖品 -(prize –)忽略它。避免任何向您承诺免费提供金钱、礼物、折扣券等的东西。由于网站上出现的广告是网络广告商的结果,因此由他们来检查广告是否有恶意代码。他们中的大多数人只是检查语言亵渎(language profanity)并发布广告。如今,大多数知名网络(如Google AdSense 网络(Google AdSense network))都会检查整个代码,但仍有少数情况是恶意广告潜入其中。
有一些基于云的恶意广告检测(malvertising detection)平台和解决方案,可以洞察和控制网站上提供的在线广告的安全性。大型出版商可能希望检查此选项。作为用户,请确保您拥有良好的安全软件(security software)并灌输安全的浏览习惯。并记住始终更新您的操作系统(operating system)和已安装的软件,包括浏览器插件。
最近的一些恶意广告示例
(Certain)DeviantART.com上的(DeviantART.com)某些广告将用户重定向到Optimum Installer 网页(Optimum Installer web),以便在毫无戒心的用户上安装可能不需要的应用程序。黑客入侵了 Clicksor Ad Network(Clicksor Ad Network)以分发恶意软件。Blackhole Exploit工具包通过Clicksor 广告网络和其他渠道(Clicksor Ad Network and others)分发。Fox IT.com报道称,在最近的另一个案例中,Java漏洞利用是通过 Java.com 上的广告提供的(Java.com)。
信息图(Infographic)此信息图(Infographic)显示了恶意广告(Malvertising)的工作原理。
因此,重要的是发布商仅使用具有强大筛选方法的广告网络和交易所,一旦发现恶意广告实例,他们会立即采取行动,以防止恶意软件在其系统中传播,并遏制可能造成的损害。可能导致。
坏(Bad)的、易受攻击的和不安全的插件经常会受到损害。因此,正如我之前提到的,请确保您拥有良好的安全软件(security software)并灌输安全的浏览习惯。并记住始终更新您的操作系统(operating system)和已安装的软件,包括浏览器插件。
Stay safe!
Malvertising attacks: Definition, examples, protection, security
There are many methods being used to compromise users of the Internet so thаt their information can be obtained by cyber-criminals. Once a computer is compromised, the cyber-criminals can use the user’s data for anything they want. Suсh events may even result in Identity Theft, where cyber-criminals use your identity for taking loans, etc. and leave you in a mess. Among the many newer methods of compromising a computer is – Malvertising. Let us take a look at what is malvertising and how to stay safe by avoiding it.
What is Malvertising
Malvertising or Maladvertising contains two words: Malicious + Advertising. This is not just about malicious misleading advertisements that lure users to Phishing websites. Malvertising is about compromising your computer, by downloading a short malicious code on to it, when you hover on or click on an advertisement. Some adverts will even download malicious code to your computer, while the website is still loading in the background. In such cases, by simply visiting a website, users can get infected via Drive-by-downloads.
Cybercriminals are using advertisements as a means to hack into your computers. Since these advertisements look genuine, users click on them expecting to be taken to a website, where they can get more information about the advert. However, instead of being redirected, the click action triggers a download of a small but malicious code to users’ computers. In fact, the infection can even take place silently in the background, even as the ad is being loaded by the browser. Since the ad networks serving these ads are pretty huge, it is nearly impossible to identify the person or organization behind the malicious advertisement. Many popular websites too end up unknowingly serving such adverts without any harmful intent, as they do not know that the adverts are malicious.
How Does Malvertising Work
One does not need to hack a website to place malicious advertisements on that website. Instead, criminals use advertising networks to insert their advertisements on thousands of millions of websites. If you know how advertising on the Internet works, you know that once an ad is submitted, after scrutiny, it is pushed into the Internet where it appears on websites related to the keywords typed by users for any kind of information.
Cyber-criminals use display advertising to distribute malware. Possible vectors of attack include malicious code hidden within an ad creative (such as a swf file), executables embedded on a webpage, or bundled within software downloads. All web publishers and websites are potential targets for malware authors attempting to spread their software by hiding malicious code within an ad’s SWF (Flash) file, GIF file or landing page.
If an advertiser or agency provides you with an infected ad, your computer, and personal information, and that of your site’s visitors, can be exposed to serious harm. Google’s Anti-Malvertising.com website has a few tips ad publishers and website owners may want to check out.
Although reputed advertising networks do scrutinize the ads for the obvious factors, like banned words, prohibited products, etc., without proper scrutiny of the code, malvertisements can slip through! In such a scenario, the ad network places millions of users at risk by displaying infectious advertisements on various websites. And there are yet other ad networks who may even ignore such malvertising, for the lure of good money.
In other cases, criminals claim to represent genuine institutions, submit clean adverts directly to the websites instead of ad networks. Later, they attach malicious code to the advert that is downloaded to computers of users who click on the adverts on websites. After a while, when the target is met, the criminals remove the code. The advert stays there for the contract period. Between attaching and removing the code, the criminals get to hack plenty of computers, and thus, much information about different Internet users is at their hands. They can use this information for any purpose they like.
How To Avoid Malvertising
Precaution is the only key to avoid malvertising. Malicious ads can appear even on reputed websites. If any ad looks overtly promising, simply avoid them. For example, popups saying you are the 100th visitor and are chosen for a prize – ignore it. Avoid anything that promises you the likes of money, gifts, discount coupons, etc. for free. Since the advertisements that appear on the websites are the result of network advertisers, it is up to them to check the advertisements for malicious codes. Most of them just check the language profanity and publish the ads. These days, most reputed networks like the Google AdSense network check the entire code, but there has still been the rare case, where malicious advertisements have crept in.
There are some cloud-based malvertising detection platforms and solutions, which deliver insight about and control over the safety of online ads being served on the websites. Large publishers may want to check this option out. As a user, make sure you have a good security software and inculcate safe browsing habits. And remember to keep your operating system and your installed software, including browser plugins, always updated.
Some recent examples of Malvertising
Certain ads on DeviantART.com were redirecting users to the Optimum Installer web page in order to install Potentially Unwanted Applications on unsuspecting users. Hackers had compromised Clicksor Ad Network to distribute malware. Blackhole Exploit kits were being distributed via the Clicksor Ad Network and others. In yet another very recent case, Java exploits were being served via advertisements on Java.com, reported Fox IT.com.
Infographic This Infographic shows how Malvertising works.
It is therefore important that publishers use only such advertising networks and exchanges that have strong screening methods and who take immediate action, once instances of Malvertisements are found, in order to prevent the spread of malware within their systems, as well as contain the damage which may be caused.
Bad, vulnerable and insecure plugins often get compromised. So as I mentioned earlier, make sure you have a good security software and inculcate safe browsing habits. And remember to keep your operating system and your installed software, including browser plugins, always updated.
Stay safe!
