Digital Booby Traps

Explainer

Malvertising is turning even the most seemingly harmless websites into an unsuspected pitfall for the naive, which is pretty much everyone on the internet.

In October of 2015, the Daily Mail website fell victim to the vicious claws of cyber criminals. This time, the technique in question was one of the more unsuspected, and therefore extremely dangerous, ways in which malicious actors online are able to infiltrate computers: malvertising.

Essentially, this is when hackers buy ad space on websites as legitimate as the Daily Mail and litter the webpage with advertisements crawling with malware, which hacks the computers of the many naive internet users who mistakenly click on the unassuming trap.

There is almost no giveaway as to whether an ad consists of such trickery, and with the consequences being severe for anybody who falls for it, hackers can easily take advantage of unsuspecting internet users. The whole process is filled with deceitful and unscrupulous practices. Hackers acquire ad space from internet publishers, framing themselves as the intermediary between the publishers and the businesses they use to disguise themselves. Thus, they are able to produce authentic-looking ads which share the aesthetics of an actual advert for the true content provider whose identity has been stolen by anonymous internet delinquents.

Once the ads appear on the website, internet publishers fail to recognise the spurious advertisements since they look so real. Utilising malevolent JavaScript and other malicious code, the hackers commence their work. As soon as the page containing the infected ads is loaded in a browser, the ad opens up a separate webpage with an exploit kit (software designed to find flaws in computer systems and exploit those vulnerabilities using malicious software). The damage has already been done before the victimised user can dismiss the window. With no initial interaction from the user at all, hackers can deploy code, viruses and a range of damaging software to steal, manipulate and corrupt data as they please.

According to research by Cisco, hackers who use the Angler Exploit Kit, the software used to exploit internet users who visited the Daily Mail website, have a 40% success rate. With the number of potential internet users mounting up to billions, the number of computers holding the valuable information which these bad actors crave is still very high. Even more worryingly, the difficulty of tracking down the culprits is down to hackers taking advantage of the openness and the anonymity which the internet gives them. It just shows how vulnerable anybody can be when on the world wide web.

In the Daily Mail saga, the fake adverts being shown on the website injected ransomware onto any of the computers they managed to exploit. This involved hackers encrypting data and refusing to decrypt it unless a specified payment was made. Malwarebytes, a security firm, said that any user who clicked on the ads was exposed to the vulnerability exploitation capabilities of the Angler Exploit Kit through weaknesses in Internet Explorer and Flash software.

With all these dangers in existence, it is imperative that internet users do their part in ensuring that they can sufficiently protect themselves. Backing up data provides one measure which would help users to retrieve any data which may have been lost as a result of an attack, though this cannot always be a guarantee. Additional precautions, such as anti-virus software and using web browsers which can detect websites containing malware-infested ads, like Google Chrome, are also necessary, though even all these practices cannot completely deter the danger. The malicious code being developed by hackers is in constant development, often at a quicker pace than the measures developed to defend against it. Reports from Symantec and Verizon suggest that over 300 million pieces of malicious software were created last year, meaning around 1 million threats were being released every single day. This goes to show just how hostile the internet is, and it poses challenges for everybody who depends upon it.

The existence of malvertising fuels the argument supporting the use of ad-blockers (more on page 3), as they not only prevent the irritating pop-up boxes and banners from disrupting the user experience, but also offer a way to avoid cyber attacks. The design flaws of the internet in the modern age are becoming increasingly apparent as more dangers emerge and become more widely known. Malvertising is just one of many.