Malvertising is an abbreviated term for ‘Malicious Advertising’, through this hacker’s use online advertising to spread malware. Cryptolocker Malvertising is extremely effective and is on the rise and large popular sites such as msn.com, nytimes.com, bbc.com and aol.com, are being used to deliver these ad served malware to countless machines. The malware is able to access the advertisements through vulnerabilities in software such as Adobe Flash. This method eliminates the need to coerce you into downloading the malicious content because the attack forces your computer to do this involuntarily.
Ad Blockers are the most utilised defence against malvertising but we’re going to discuss a few other tips on how to counteract these attacks:
Back up data regularly:
Constantly backing up your data stops you from spending tedious amounts of time recreating your corrupted files. To prevent your backup from being corrupted, you should always have an external backup solution, this way if malicious software is downloaded onto your system you can restore your files after your computer is cleaned.
If you set your browser settings to ‘Click-to-Play’- when you visit a website containing a Flash object it won’t automatically run until you choose to click it. Most malvertising campaigns use this method so doing this should protect you from most attacks, relying on security patches alone won’t do the trick as nothing is full proof. Besides that, you can disable or uninstall plug-ins that you don’t use to limit your attack surface.
Having the most recent version of an advanced antivirus solution can aid you in recognising exploit kits and stop most malware from installing on your system. Some antivirus’ can also remove malware that may have bypassed its primary defence. Also, running regular scans of your computer to catch malware is a good procedure to prevent it from spreading.
Flag Malicious Content:
Setting your browser to flag malicious content on a web page can inform you of when you’re at risk of downloading malware. For example, Google Chrome can detect phishing and malware:
- In the top right, click the Chrome menu .
- Click Settings > Show advanced settings.
- Under “Privacy”, tick the box “Protect you and your device from dangerous sites.
Create Multiple User Accounts:
You could create multiple computer user accounts, with different privileges, on each computer. Give one account administrative rights to install and modify software, and use it only for those purposes. For Web browsing and other online activities, use limited accounts that can’t install software; Doing this can help prevent malware from getting installed on your computer and making system-wide changes.
Malvertising has become a somewhat more sophisticated method of spreading malware and the overall problem with malicious ads is not just the ads themselves but the vulnerability of the software on your system. So even though ad blockers are the most ardent defence against malvertising attacks, using these other methods in conjunction with them could markedly reduce your chances of becoming a victim to said attack.