Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



Malware Rising – Attacks Increasing Through Malicious Online Advertising

Malvertising Attacks Continue to Rise. Brands and Consumers Threatened.

Malvertising Attacks Continue to Rise. Brands and Consumers Threatened.

Popular websites, blogs and ad networks are fast becoming the preferred means of cybercriminals, identity thieves, and hackers to steal consumer information and distribute malicious content.

The most common attacks today are made possible by Web site / server hacks, against which publishers, with the exception of their off-site links, are probably best protected, and by user-contributed content, advertising and cross-site widgets.

MalvertisingHowever, virtually none of these Web sites or advertising companies has an effective means to uncover and identify the “drive-by” downloads, malicious software, and other fraudulent content that infect their properties through the plethora of user-contributed pages and the stream of advertising that is added to their sites on a daily basis.

In May, digital advertising technology company, the Rubicon Project, revealed some insight into emerging industry trends and market shifts that occurred in the first quarter of 2010 in its Online Advertising Market Report series.

The report showed that with the continued growth in online advertising, there is also an increasing trend in online threats through “malvertising,” a growing method used to distribute malware via advertising tags served through an unsuspecting publisher’s Web site, blog comments, forums and other forms of user generated content, allowing cybercriminals to create content that used to carry out a wide range of malicious attacks.

Google, in response to the increasing level of threats, setup, a Web site they call an “Investigative Research Engine.” The site, setup in June 2009, checks a variety of independent, third party sites that track possible attempts to distribute malware through advertising and serve as a resource to educating Internet users, ad network operators and publishers about the problems. Google also employs a “Head of Anti-Malvertising,” Eric Davis, who has been in the role since 2008.

“For publishers, advertising is about making money, but malicious ads change the equation. Publishers need better solutions to protect their customers from malvertising and the potential for malicious content on their Web sites,” noted Rob Lipschutz, co-founder and CEO of SiteScout, a company acquired by the Rubicon Project in May 2010 that helps protect publishers against malicious ads and other dangerous Web content. “The advertising ecosystem faces a stiff challenge and the problem is widespread and found in both direct advertising as well as more distributed ad networks. New ad formats also make the problem increasingly complex.”

Advertisement. Scroll to continue reading.

Many of the digital ad serving platforms being used today were developed over a decade ago and not designed to cope with today’s massive volume of transactions from buyers and sellers around the world, creating a constant stream of new vulnerabilities in the system.

Advertisers and agencies often utilize “third party ad tags”, allowing them to control and monitor their ads which removing the ability for publishers to be able to control what ads are served. With larger publishers, ad networks and exchanges having thousands of different ad tags running at any given time, monitoring all campaigns and creative being served is a challenge. These disparate systems have had no universal quality control because nothing is tied together, driving the need for automation and technology innovation to eradicate the vulnerabilities of this process.

The need is clear for a solution aimed at publishers and advertising companies, the producers of content, rather than end-users, that provides visibility and advanced protection against the new kinds of attacks to prevent direct loss of revenue or risk to brand (leads to loss of revenue). In January, the Rubicon Project launched Rubicon Security, its first foray into protection against malware attacks on publisher customers’ sites. Combined with the acquisition of SiteScout,  the Rubicon Project has established a comprehensive solution to help combat malvertising within its platform.

Dasient, another company that protects businesses from web-based malware attacks, provides a Web Anti-Malware (WAM) service that can automatically identify and quarantine malware on websites, helping businesses avoid losses of traffic, reputation, and revenue.

The issue of malware will only increase as a key risk to publishers’ advertising businesses – and to the consumers driving those businesses – in the months ahead.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...