Malvertising is back, after a brief hiatus, in the third quarterof 2017 according San Francisco-based digital threat managementsolutions provider RiskIQ. malvertising has risen consistentlysince programmatic advertising gained popularity.
|Malvertising exploits online advertising byinserting malicious or malware-laden ads into genuine advertisingnetworks and webpages.
|Overall, RiskIQ scanned 53% fewer advertisements containing ablacklisted incident—phishing, scams, exploit kits, andmalware—than the previous quarter, reversing a trend.
|Exploit kits have continued to decline, but malware, whichdecreased by almost 45% last quarter, was the only type ofmalvertising to increase. “Meanwhile, phishing, which rose over100% last quarter, experienced a considerable decline, which couldmean attackers thought it wise to pivot to dropping malware fromtrying to trick users into clicking on deceptive ads that may leadto pages requesting sensitive data,” Forrest Gueterman, threatanalyst at RiskIQ, said.
|RiskIQ has seen a steady long-term increase of malvertising, butquarter to quarter detections appear to be cyclical. “It'sinteresting to note how the type of malvertising fluctuates, andhow that may indicate a change in attacker tactics,” Guetermannoted.
|Gueterman explained although RiskIQ's data shows a 21% drop inscams (disingenuous advertising), it continues to be a favoritetactic of threat actors—RiskIQ detected almost 990,000 incidents inthe third quarter and profiled several new tactics. Scammers driveimmense amounts of valuable traffic to their sites via vast scamnetworks. Their fraudulent landing pages (take a survey to win afree PlayStation!), are often ignored by typical malvertisingdetection methods because of the gray nature of their payloads butcan grow to enormous sizes and degrade the quality of theinternet.
|To combat this problem, RiskIQ scans over 2 billion pages andnearly 20 million mobile apps per day, resulting in a curatedblacklist of malicious ads from across the internet. RiskIQ alsoreleased 2017 mobile threat landscape and phishing reports for the third quarter.
|
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Critical CUTimes.com information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
- Exclusive discounts on ALM and CU Times events.
- Access to other award-winning ALM websites including Law.com and GlobeSt.com.
Already have an account? Sign In
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
