What is Malvertising?

Malicious advertising, or malvertising, is one of many techniques that cybercriminals use to infect your devices with malware. Through a combination of industrial infiltration and social engineering, hackers trick victims into leaving their computers open for infection. This guide is here to inform you about malvertising and how you can avoid falling for these well-placed traps.

How does malvertising work?

A malvertising attack is often browser-based. Cybercriminals will submit graphic or text ads infected with malicious coding – usually based on JavaScript. Such ads may show up on any website, legitimate or not.

Malvertising is prolific on the weekends, especially Sundays, when more people are browsing the internet. High-traffic events like Black Friday sales at the end of November are hotspots for malvertising. They’ll be plastered with messages like “CLICK HERE NOW FOR THIS DEAL” or “BIGGEST BLACK FRIDAY SALE” – the more desperate the message, the more obvious the wicked intent.

Clicking on a piece of malvertising will inject a small portion of code into your computer. This code will connect your computer or device up to a hacker’s command and control (C&C) server. That server will then investigate your device and figure out what software is currently running on it. From those results, the server will send malware that you are particularly susceptible to.

What began as an exploit through Adobe Flash’s security in late 2007/early 2008 has exploded into one of the most abundant forms of online crime. In 2017, Google managed to stamp down on 79 million ads that auto-redirected unfortunate victims to malware-ridden sites. GeoEdge, a cybersec firm that specializes in combating these attacks, estimated that auto-redirects made up to 47.5% of all malvertising in 2018.

Well known and visited websites like the New York Times and WordPress have unknowingly published pieces of malvertising. WordPress suffered a joint malvertising-cross site scripting attack in the first half of 2020. Defiant, WordPress’ in-house security, discovered over 20 million attacks on more than 5 million of their websites. The attacks preyed on certain loopholes in some of the plugins used by a large portion of WordPress sites. The plugin vulnerabilities had been exploited before in many attacks perpetrated throughout 2018/19.

What’s the difference between malvertising and adware?

The main differences between malvertising and adware are the intentions behind the software. Adware, while invasive, focuses on pushing a product aggressively. Adware often piggybacks off legitimate software and is always installed unwittingly. The main disruption adware causes is having to close down the pop-ups on your desktop whenever you boot up your computer.

Malvertising, however, is a lot more insidious and malicious in nature. For all intents and purposes, it is a form of cross-site scripting. The whole point of malvertising is to trick you into executing a piece of infectious code and then compromise your entire network.

Don’t become a victim of malvertising

So how can you prevent yourself from becoming a victim? While it might sound obvious, never click on any ad you see when you’re browsing a website – no matter how legitimate and ‘safe’ the site may seem. Remember that these malicious advertisements are like venus flytraps. The bright and enticing deal is not worth the potential infection. If an online deal truly manages to catch your eye, take note of it and type it into a Google search at a later date. Here’s a handy checklist to help you avoid malvertising tactics:

  • Update your antivirus. Keeping your antivirus software up to date is key in combating whatever piece of malware is injected into your device.

  • Use an adblock extension on your browser. If you can’t see the adverts, how can they trick you into clicking them?

  • Disable auto-play plug-ins. Malvertising hackers like to exploit auto-play Flash or Java plug-ins. Change your settings to click-to-play before you accidentally trigger a malware infection.

  • Invest in software that encrypts your information. NordLocker will keep your data and personal details safe, even if a hacker manages to inject malware into your device. All your files will appear as gibberish to the cyber-criminal, forcing them to move on to easier prey than you.

Keep up to date with all the latest NordPass news by subscribing to our newsletter below.

Subscribe to NordPass news

Get the latest news and tips from NordPass straight to your inbox.