Symantec has partnered with Armorize Technologies, a provider of Web malware detection solutions, to launch “Symantec AdVantage”, a new cloud-based anti-malvertising solution.
Announced at the Online Trust Alliance’s Online Trust Forum 2011 in Washington D.C., the service will be powered by the malware detection engine from Armorize’s HackAlert, and will provide customers the ability to inspect ads running on their websites for web malware. Through an interactive dashboard, publishers can see statistics and compare the quality of ads and ad networks they work with based on the safety ratings and reputation scores for each specific ad or network.
Malicious advertising, also referred to as “malvertising,” is a growing method used to distribute malware via advertising tags served through an unsuspecting publisher’s website, blog comments, forums and other forms of user generated content, allowing cybercriminals to create content that used to carry out a wide range of malicious attacks.
Advertisers, agencies and now cybercriminals often utilize “third party ad tags,” allowing them to control and monitor their ads which removing the ability for publishers to be able to control what ads are served. With larger publishers, ad networks and exchanges having thousands of different ad tags running at any given time, monitoring all campaigns and creative being served is a challenge.
“Malvertising poses a serious risk to online publishers and their customers, reputation and revenue. Highly publicized malvertising infections can damage the reputation of even the most trusted online sites. Symantec AdVantage will provide ad publishers the tools they need to protect their businesses by fighting back against these threats,” said Fran Rosch, Vice President, Identity and Authentication Services, Symantec Corp.
Symantec isn’t the only player that has recognized this growing threat. Earlier this year, Google Ventures, the venture investment arm of Google, invested in Dasient Inc., a provider of anti-malware solutions for websites and ad networks. In May 2010, Digital advertising firm, the Rubicon Project, acquired SiteScout, a Seattle based provider of anti-malware technology.
In Feburary 2011, an incident with the London Stock Exchange Web Site serving ads from an ad network that had been serving malvertising ads and thus flagged by Google as malicious, shows the damage that can be done to a brand as a result. While the London Stock Exchange didn’t technically serve malware, it was serving ads from servers that were, which caused it to be flagged as a threat to most users attempting to visit the site.