Malicious code hidden in online ad images cost publishers and ad networks $1.13 billion this year

“Malvertising, the practice of embedding malicious code in seemingly innocent online adverts, is evolving through the use of steganography,” Charlie Osborne reports for ZDNet. “Files, messages, images, and video can be hidden within content of the same format, potentially leading to malicious redirects and the download of exploit kits.”

“The steganographic technique is fast becoming a popular method for fraudsters to dupe legitimate ad networks and spread malvertising across legitimate domains, according to researchers from GeoEdge, with a recent string of incidents highlighting the method’s capabilities,” Osborne reports. “GeoEdge says that Experian had one of their legitimate adverts targeted with a second image, one ‘that was not visible to the user but hidden inside the ad request which called up the embedded malicious code.’ ‘Once the ad appears on a user’s desktop or phone, the malicious code is enabled,’ the researchers said. ‘In this instance, the malicious code was an auto-redirect to a phishing site targeting US users.'”

“GeoEdge estimates that auto-redirect and steganography techniques used in malvertising cost publishers $120 million over the past year, and marketers up to $920 million. In total, the firm believes online advertisers lost $1.13 billion in 2018 — and this figure is expected to rise by up to a third over 2019,” Osborne reports. “Malvertising is a well-known problem, with companies including Facebook, The New York Times, BBC, AOL, and MSN, among many others, have been targeted in the past.”

Read more in the full article here.

MacDailyNews Take: The larger ad networks seem to have a better handle of unwanted, hidden redirects (think App Store pop ups and auto-redirects) as of late. Hopefully, detection techniques are improved and new ones devised to ferret out the fraudsters who dupe legitimate ad networks.


Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.