User:Saviands/sandbox

Hi, Saviands. I've just reviewed your draft article, and had a few thoughts:

Do you have a citation for "Mighty Magoo"?
This is otherwise very nice; great work!

Thanks for helping to build the largest and most popular general reference work on the entire Internet. We can't do it without you! Cheers, —Theopolisme (talk)

_{When you're ready to publish your article, delete this message by deleting the very first line of your article's WikiCode (it begins with {{User:Theopolisme...).}

This is the user sandbox of Saviands. A user sandbox is a subpage of the user's user page. It serves as a testing spot and page development space for the user and is not an encyclopedia article. Create or edit your own sandbox here.

Other sandboxes: Main sandbox | Template sandbox

Finished writing a draft article? Are you ready to request review of it by an experienced editor for possible inclusion in Wikipedia? Submit your draft for review!

Malvertising (from "malicious advertising") is the use of online advertising to spread malware.^[1]

Malvertising involves injecting malicious or malware laden advertisements into legitimate online advertising networks and webpages.^[2] Online advertisements provide a solid platform for spreading malware because significant effort is put in to them in order to attract users and sell or advertise the product.^[3] Because advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors an opportunity to "push" their attacks at cautious web users who would not normally visit unknown external URLs. By exploiting the reputation of the website, the allegedly advertised brands convince users they are viewing legitimate advertisements.^[4]^[5] Malvertising is "attractive to attackers because they 'can be easily spread across a large number of legitimate websites without directly compromising those websites'." ^[6]

Malvertising is a fairly-new concept for spreading malware and is even harder to combat because it can work its way into a webpage and spread through a system unknowingly: “The interesting thing about infections delivered through malvertising is that it does not require any user action (like clicking) to compromise the system and it does not exploit any vulnerabilities on the website or the server it is hosted from... infections delivered through malvertising silently travel through Web page advertisements.” ^[7] It is able to expose millions of users to malware, even the most cautious, and is growing rapidly: "In 2012, it was estimated nearly 10 billion ad impressions were compromised by malvertising." ^[2] Attackers have a very wide reach and are able to deliver these attacks easily through advertisement networks. Companies and websites have had difficulty diminishing the number of malvertising attacks, which "suggests that this attack vector isn’t likely to disappear soon." ^[6]

How It Works[edit]

Websites or web publishers unknowingly incorporate a corrupted or malicious advertisement into their page. Once the advertisement is in place, and visitors begin clicking on it, their computer can become infected: "the user clicks on the ad to visit the advertised site, and instead is directly infected or redirected to a malicious site. These sites trick users into copying viruses or spyware usually disguised as Flash files, which are very popular on the web." ^[8] Redirection is often built into online advertising, and this spread of malware is often successful because users expect a redirection to happen when clicking on an advertisement. A redirection that is taking place only needs to be co-opted in order to infect a user's computer. In several cases, the victim need not follow the links presented. Instead, the malicous ad contains a drive-by download by using flash scripts.^[1]

Malvertising often involves the exploitation of trustworthy companies. Those attempting to spread malware place “clean” advertisements on trustworthy sites first in order to gain a good reputation, then they later "insert a virus or spyware in the code behind the ad, and after a mass virus infection is produced, they remove the virus", thus infecting all visitors of the site during that time period. The identities of those responsible are often hard to trace, making it hard to prevent the attacks or stop them altogether, because the "ad network infrastructure is very complex with many linked connections between ads and click-through destinations." ^[8]

Examples of Malicious Advertisements[edit]

Several popular websites and news sources have been victims to malvetising and have had malicious advertisements placed on their webpages or widgets unknowingly, including Horoscope.com, and The New York Times,^[9] the London Stock Exchange, Spotify, and The Onion.^[6]

In 2009, the banner feed of The New York Times was hacked for the weekend of September 11 to 14, causing some readers to see advertisements telling them their systems were infected and trying to trick them into installing infected software on their computers. According to spokeswoman Diane McNulty, "the culprit approached the newspaper as a national advertiser and had provided apparently legitimate ads for a week", and the ads were switched to the virus alert malvertisement after. The New York Times suspended third-party advertisements to address the problem, and even posted advice for readers regarding this issue on its technology blog.^[10]

Another example of Malware advertising is the gaming site "Mighty Magoo".^[11] They will propose advertising links to download their malicious toolbar and will also contribute to infringing popular trademarks of Nintendo and Sega. Their program is infected with a Malware virus called "adware.magoo" that appears to be nearly impossible to remove. Mighty Magoo has also advertised on YouTube where their "Super Mario" game has been advertised on Mario videos. They have yet to be prosecuted for their copyright infringements and unlicensed games.

Types and modes[edit]

By visiting websites that are effected by malvertising, users are at risk of infection. There are many different methods used for injecting malicious advertisements or programs into webpages:

Pop-up ads for deceptive downloads, such as fake anti-virus programs that install malicious software on your computer.^[2]
Drive-by downloads.^[2]
Web widgets in which redirection can be co-opted into redirecting to a malicious site.^[3]
Attackers embed hidden iframes that spread malware into websites.^[3]
Content Delivery Networks (CDNs can be exploited to share malware.^[3]
Malicious banners on websites.^[3]
Third-party advertisements on webpages.^[12]
Third-party applications, such as forums, help desks, CRM and CMS.^[12]

Impact and consequences of malware[edit]

Malvertising installs malware on a user's computer. Some common examples of malware are computer viruses, computer worms, and Trojan horses. They "are often grouped together and referred to as malware".^[13] There are many consequences to not being aware malware being on your computer. If it gets on your system, the hacker could have access to personal information and users could be at risk of identity theft. They can also track and monitor your internet activity, and sometimes install viruses or other forms of malware that make your computer unusable or corrupt.^[2]

Preventive measures[edit]

There are several pre-cautions that people can take to lessen their chances of getting tricked by these advertisements. Besides just learning about them, users can download internet browsers that can detect websites that have malware advertisements on them, such as Internet Explorer 9 or Google Chrome, which "includes some security advances that make attacks more difficult." Commonly used programs such as Adobe Flash Player and Adobe Reader can have their flaws exploited, and become vulnerable to attacks, so it is important to keep them up-to-date.^[14] Users can also download anti-virus software that protects against threats and removes malicious software from your system. Lastly, users can push companies and websites to scan advertisements before making them active on their webpages.^[2]

Tips For Publishers and Websites[edit]

All websites and web publishers that feature advertisements are at risk of being hit by malvertising. The "Tips For Publishers" page of Anti-Malvertising.com suggests several measures web publishers can take to help protect themselves and their site's visitors including thoroughly checking potential partners' references and credentials and inspecting advertisements before placing an advertisement on the website.^[15] According to the Online Trust Alliance, "perpetrators attempt to infiltrate online advertising networks by creating fraudulent advertisers or advertising agencies that appear to represent legitimate brands".^[2] Educating employees and team members to recognize suspicious behaviors of clients or advertisements, and adopting new, stricter policies can help protect the website and visitors. Publishers can also make sure that their computers and their employees' computers are all protected and up-to-date with anti-virus software to protect from infection. Also, if a website is registered with Google Webmaster Tools, Google will flag the sites' link in search results if it becomes compromised by malware: "You can use Webmaster Tools to see if your site has been determined to distribute malware. Once the malware has been removed, you can file an appeal to have the malware warnings removed." ^[15]

The Online Trust Alliance's "Malvertising Response & Remediation Guide" suggests organizing a response team who can successfully inform employees and management of how to handle potential risks and who consistently scan for threats.^[2]

References[edit]

^ ^a ^b William Salusky (2007-12-06). "Malvertising". SANS ISC. Retrieved 2010-08-05.
^ ^a ^b ^c ^d ^e ^f ^g ^h Online Trust Alliance (2012-07-29). "Anti-Malvertising Resources". Online Trust Alliance. Retrieved 2013-25-5. {{cite web}}: Check date values in: |accessdate= (help)
^ ^a ^b ^c ^d ^e Sood, Aditya (2011). "Malvertising - exploiting web advertising" (PDF). Computer Fraud and Security: 11–16. Retrieved 26 February 2013. {{cite journal}}: Unknown parameter |coauthors= ignored (|author= suggested) (help); Unknown parameter |month= ignored (help)
^ Bobbie Johnson (25 September 2009). "Internet companies face up to 'malvertising' threat". The Guardian. Retrieved 2010-08-05.
^ "The rise of malvertising and its threat to brands". Deloitte. 2009.
^ ^a ^b ^c Zeltser, Lenny. "Malvertising: Some Examples of Malicious Ad Campaigns". Lenny Zeltser on Information Security. Retrieved 22 March 2013.
^ "Five-month malvertising campaign serves up silent infections". Infosecurity. Reed Exhibitions. Retrieved 18 March 2013.
^ ^a ^b "A rising security threat: Malvertising". Bullguard. Retrieved 18 March 2013.
^ Johnson, Bobbie (Sep 25, 2009). "Internet companies face up to 'malvertising' threat". The Guardian. Retrieved 26 February 2013.
^ Picchi, Aimee (14 September 2009). "Malvertising hits The New York Times". The Daily Finance. Retrieved 26 February 2013.
^ "Adware.Magoo". Symantec. Retrieved 17 March 2013.
^ ^a ^b Finley, Klint. "Report: The 3 Biggest Enterprise Website Malware Vulnerabilities". Readwrite Enterprise. SAY Media. Retrieved 22 March 2013.
^ "What is Malware?". Microsoft Safety and Security Center. Microsoft. Retrieved 18 March 2013.
^ Richmond, Riva. "Five Ways to Keep Online Criminals at Bay". Personal Tech. The New York Times. Retrieved 26 February 2013.
^ ^a ^b "Tips For Publishers". Anti-Malvertising.com. Retrieved 18 March 2013.