45680075302
academy
Security
Privacy
Performance
English

What Is Malvertising and How Do I Stop it?

Malvertising attacks use infected ads to spread malware or send you to malicious websites — often, you don’t even need to click on the ad to get infected. Since these malware ads can appear on trusted websites, they can be hard to spot. We’ll show you how malvertising works and how you can fight back with top-shelf cybersecurity software.

PC-editors-choice-icon
2023
Editors' choice
AV-Test-Top-product-icon
2022
Top Rated
Product
Academy-Malvertising-what-is-it-and-how-to-prevent-it-Hero
Written by Oliver Buxton
Published on April 22, 2021
This Article Contains
This Article Contains

    What is a malvertising attack?

    Malvertising attacks happen when cybercriminals introduce malicious ads into online advertising networks. The malicious ads then appear on popular and trusted websites and either redirect victims to corrupted webpages or install malware directly on their computers.

    Most malvertising campaigns purchase ad space from legitimate ad networks so that their infected ads will be displayed on legitimate websites. The seemingly harmless ads actually contain malicious code that attacks victims as soon as the ad loads on the page.

    From a hacker’s perspective, malvertising is a relatively easy way to compromise trustworthy sites that receive lots of traffic, without having to attack the websites directly. The exploitation of legitimate advertising networks also helps hackers bypass firewalls and compromise local networks. And, since many of the more sophisticated attacks can infect you regardless of whether or not you click, malvertising remains a dynamic and growing threat.

    Cybercriminals launch advertising attacks by hiding malware in pop-ups and banners and spreading them via legitimate websites.Malvertising attacks exploit legitimate ad networks and spread through legitimate websites.

    Example malvertising types and how they work

    When “mal advertising” was first identified as a threat in 2007, it was based upon a specific Adobe Flash vulnerability and used to exploit sites like Myspace and Rhapsody. But recently, malvertising has grown to keep pace with the diverse and sprawling digital media landscape.

    What the experts say

    "The use of malicious browser push notifications... (are) becoming a preferred tool for scammers across various domains, from adult content sites to technical support scams and financial fraud."


    Jakub Křoustek, Malware Research Director, Avast 2023 Threat Report

    Since 2011, attacks have increasingly used drive-by downloads that don’t require any direct user interaction. Malvertising is also becoming more common across all platforms — including mobile devices.

    Malvertisers today have a wide array of tricks and techniques at their disposal, some of which even use fileless malware that’s notoriously difficult to detect and remove. Malvertising is also an effective way for hackers to deliver malware that allows them to control your computer and other devices as part of a botnet

    Let’s take a closer look at the most common types of malvertising:

    Steganography

    Steganography is the ancient art of concealing secret messages within text or images. Many malvertising attacks rely on a modern form of steganography to disguise malware within advertising images.

    Steganographic attacks can hide malware within a tiny cluster of pixels, and in many cases, neither advertising networks nor end users can tell the difference between legitimate and harmful ads until it’s too late.

    Polyglot images

    A more sophisticated cousin of steganography, polyglot images don’t just contain one hidden payload within an infected graphic. As the name suggests, they’re able to “speak” several languages.

    In addition to the malware itself, they also hide scripts for executing the code and launching the attack. With no need for an external script to extract the malware package, malvertising using polyglot images is a more autonomous and dangerous threat.

    Tech-support scams

    This particular ploy involves tricking you into thinking there’s some technical issue with your device. The fraudulent ads will typically install a form of browser hijacker malware to disrupt your user experience, and then tell you to call a number to resolve your non-existent problem.

    The tech-support scammers always pretend to be from a reputable tech company and attempt to extract money and personal information from you in exchange for “fixing” the bogus problem.

    Scareware

    Scareware malvertising tries to frighten you with alarming pop-ups containing dire (and false) warnings that your computer is riddled with viruses that need to be dealt with immediately.

    Like tech-support scams, scareware is a social engineering technique, but rather than connect you to a fake call-center, scareware tries to frighten you into installing fake cybersecurity software. In many cases, the “solution” is in fact malware itself.

    “Get rich quick” schemes and fake surveys

    The internet is awash with ads for dodgy “get rich quick” schemes and phoney surveys. They usually dangle the prospect of a big payout, but in reality you’re more likely to get infected with a computer virus than receive a cash injection. Never click on an ad that seems too good to be true.

    Fake software updates

    Fake software updates are a malvertising technique that purports to promote popular downloads and software updates. When clicked, the ads install spyware, viruses, or other malware instead of (or along with) the intended program. Always be wary of third-party download portals and source your software directly from official vendors and outlets, such as the App Store.

    Being aware of these common tactics can help you avoid malvertising, but often there’s little or no indication that seemingly genuine ads pose any danger. And some ads can download malware onto your system even if you don’t click on them. That’s where robust security software comes into play.

    Avast One seeks out threats in real time and scans all unknown files to block malware before it can infect your machine — keeping you safe from malvertising and a whole lot more.

    What’s the difference between malvertising and adware?

    Malvertising and adware both combine malicious content with advertising. But while malvertising infects advertising networks to poison online ads and spread malware, adware infects your computer first and then shows you ads. The main difference is where the infection resides — malvertising is in the ad networks while adware is on your machine.

    Adware — a portmanteau of “advertising malware” — is typically installed without your consent or knowledge as part of a software package, and will continue to plague you until you remove the adware. In some cases, malvertisements may actually be used to spread adware, but they’re just as likely to slip spyware or ransomware onto your machine.

    How to stop malvertising

    Given that some malicious ads don’t require clicks or any other interaction to launch an attack, preventing malvertising isn’t straightforward. Fortunately, there are a number of steps you can take to prevent or minimize the risk posed by malvertising.

    1. Install a strong antivirus. No matter what other precautions you take, some threats are bound to slip through. When it comes to thwarting malicious downloads, there’s no substitute for the protection that top-of-the-line antivirus software can provide.

      Not only will Avast One proactively detect and defend against the wide range of malware, but it will also locate and remove potentially harmful programs or files already installed on your computer.

    2. Use an ad-blocker. One simple and effective way to prevent malware reaching you through advertisements is to cut them off at source by using a comprehensive ad-blocker. This will stop both legitimate and fraudulent ads displaying on your screen, denying malicious code the opportunity to attack your system.

    3. Disable browser plug-ins. Browser plug-ins are a common vector for malvertising attacks, but by adjusting your browser settings to limit the plug-ins that run by default, you can remove exploitable vulnerabilities and limit opportunities for cybercriminals.

    4. Keep your OS updated. Malicious code is designed to exploit software vulnerabilities. Running the very latest version of your operating system reduces your exposure to malvertisements that target older vulnerabilities that have since been patched. The same goes for your web browser and other programs and applications.

    5. Download software and content from legitimate sources. Apple’s App Store and other legitimate app marketplaces vet apps for security. If you download programs or content from random sites, you never know if the website is legitimate or if the software might come bundled with malware.

    6. Use a secure browser. The best secure and private browsers are engineered with an extra layer of protection against malvertising and other online threats.

      The free Avast Secure Browser has a built-in and customizable ad blocker that stops malicious ads reaching your screen in the first place. It also encrypts your connection and blocks phishing sites and harmful downloads to protect your privacy and data security.

    How to remove all types of malware from your device

    If your device has been infected by malvertising, or any of the other underhand tactics used by bad actors online, you need to remove the malware as soon as possible. Dedicated cybersecurity software is your best bet to fully neutralize the threat.

    Even if you manually uninstall the malware, a malvertising attack may leave associated programs and residual files hidden away in obscure corners of your system.

    Mobile devices require dedicated malware removal software for Android or an iPhone malware and threat scanner — featured in the free Avast Mobile Security for Android and Avast Mobile Security for iOS.

    If you’re on a desktop or laptop computer, Avast’s antivirus software packs a powerful malware scanner and removal tool into the world’s largest threat detection network. After running a thorough anti-malware scan to find and delete all potentially harmful code, your machine will stay protected against reinfection with 24/7 threat detection.

    Performing a malware scan with Avast Free Antivirus for macOS

    Protect yourself against malvertising with Avast

    To protect yourself against malvertising attacks, use updated and comprehensive security software with sophisticated threat-detection. Avast One is constantly updated to protect you against the latest threats, using advanced cloud-based technology that analyzes and defends against viruses, spyware, and the full range of malicious software.

    Get protected today and start browsing safely behind multiple layers of 100% free, award-winning security.

    Get Avast One to protect your iPhone against malware

    Free install

    Get Avast One to protect your Android against malware

    Free install
    Malware
    Security
    Oliver Buxton
    22-04-2021