CyberScout

Malicious Ads Have IT Security Professionals Worried

Malicious Ads Have IT Security Professionals Worried

While consumers are tired of being bombarded with ads every day, a more dangerous threat could be lurking in the background on webpages and their personal devices. Malicious advertising, also known as malvertising, is an emerging way cybercriminals are infecting new computers with malware, Cisco staff said in a blog post. This technique poses a great risk to cybersecurity because it exploits the popularity of social media sites as cybercriminals may spread malware exponentially through social networking advertising.

When users encounter a website with a malicious advertisement, they are sent to a different site that may download malware onto their computer or other device. The malicious software might mask as a regular download so the users do not suspect their systems are being infected.

"The attackers are purely relying on social engineering techniques, in order to get the user to install the software package," CIsco researchers said. "No drive-by exploits are being used thus far. The impressive thing is that we are seeing this technique not only work for Windows, but for Mac operating systems alike."

Researchers traced the malware attacks to the "Kyle and Stan" group, which includes domains that are spreading the malware. Even the most popular sites on the Web aren't safe, as Yahoo, Amazon and YouTube have become breeding grounds for malvertising. Other sites are also known for their video and media-playing capabilities, which make it easy to get users to click on ads. 

Why Amazon is the Biggest Source for Malware on the Internet
In listing the sites known for malvertising, Amazon has widely been named as a major source of malicious ads. And this is not a surprise for IT security professionals. 

The U.S. was a top destination of malware in the world in the fourth quarter of 2013, The Washington Post reported. And the main reason for this ranking? Amazon Web Services (AWS) hosted four of the biggest malware-hosting sites, which represented 6 percent of all malware in the fourth quarter of 2013. 

Of the global hosting providers, Amazon had the biggest concentration of malware. Although Amazon has tried to stop malware from being distributed through its hosting network, cybercriminals are still using Amazon's cloud service to not only host malware but to also crack passwords.

The past high-profile attacks made on Amazon's hosting services including the incident faced by social network LinkedIn in which personal information was stolen from millions of LinkedIn users, according to the Post.

As consumers see advertisements on the Internet, they should be careful to prevent malware from being downloaded onto their device by enabling security scanning for websites within the Kyle and Stan network.