How to Protect Yourself From “malicious Ads” on the Internet
In the never-ending battle against Internet security threats, a new enemy is rapidly spreading: malicious ads or malware that is downloaded to your computer when you view ads, even if you are using an ad blocker. Here’s what to look out for, why it’s a problem, and how to protect yourself.
How malicious ads work
Malicious ads are insidious and can spread on a large scale simply by displaying ads on a web page. It usually spreads without the knowledge of the site hosting the ad, and without the knowledge of the ad network running the malware. This means that an email to the blog owner that “your ad infected my computer with a virus” will inevitably lead to confusion. Emails from site owners to their advertising partners will receive a similar response. And this is becoming more common .
If you’ve been on the Internet long enough, you may recall the days when Skeezy ad networks used banner ads and pop-up ads to entice you to download malware, install a toolbar, or change your start page. We told people, “Just avoid sketchy websites and you should be fine.” Those days are long gone. Malicious ads are a different matter – they are infiltrating ad networks with the best intentions due to their security weaknesses and the use of their technologies. The end result is ads that don’t just prompt you to download something, but automatically downloads malware into your system, even if the ad is blocked by an ad blocker or downloaded in the background.
Even worse, malicious ads can target specific systems. Since ad networks collect data such as your browser, your operating system, and even your physical location (all of which are used to determine which ads to show), an attacker could use the ad network’s own data to present specially crafted malware such as Windows Machines. XP in North America. For example, it is very easy to attack government agencies by sending infected advertisements to government employees who are still using Windows XP . In addition, the malware can only be displayed to users with Flash enabled or Internet Explorer users – whatever to increase the chances of infection.
But there is good news as well. Ad networks, to their credit, have tightened their ad process to keep malware from slipping through the cracks. Plus, knowing that their business is based on the belief that they will serve useful ads to their audience, they act quickly if there is a trade-off. Likewise, on our end, most of the malware injected into ad networks uses technologies that we all know are vulnerable, such as Adobe Flash, Acrobat, and Java.
Disabling plugins and using an ad blocker are good steps (but not a panacea)
So the solution is to justdisable Flash and uninstall Java , right? Chances are you don’t need them anymore, so browsing the web without them should make things better.
This is a good start, but there is more to it. Disabling Flash and Java plugins are great first steps and will give you a good way to be on the safe side, but you should also disable any plugins you don’t use, remove add-ons you don’t need, and update your browser regularly, as explained in this guide from How-To Geek . You might be thinking, “Oh, it’s just Flash,” but the next vulnerability might not be easily disabled — or it might be built into your browser.
Many ad network malware is delivered to endpoint computers via Flash and Java, but not all. In many cases, they use other zero-day exploits, either on the site hosting the ad (which then prompts you to download the malware) or on the computer viewing it (which bypasses the request and simply infects your computer). For example, when celebrity chef Jamie Oliver’s website was hacked , visitors didn’t get prompts or warnings – they just got a huge dose of malware delivered to their computers behind the scenes thanks to some compromised JavaScript.
So the next step should be to install an ad blocker, right? The absence of ads should mean you are protected from malicious ads, right?
Not so fast. While ad blockers and similar tools can certainly help , there are two problems with them right now:
- Ad blockers that prioritize some ads over others are just as vulnerable . In short, when you install Adblock Plus and think you are supporting so-called “soft” ads, you can shoot yourself in the foot. In fact, ad networks that are generally considered trustworthy are the biggest targets of malicious ads . Yahoo’s ad network was hacked and malware was subsequently delivered to PlentyOfFish users this year . Google’s own DoubleClick network exposed millions of users to malware , although the malware was targeted specifically for Windows XP users. Honestly, there is no evidence that any of this went through ad blockers, but when ad blockers start accepting money from ad networks for whitelisting, it’s an inevitable result.
- Targeting more than just display ads . Most ad blockers do a great job of displaying display ads, but now malicious ads are shifting to video ads as well. Video ads are more difficult to validate before being included in an ad network’s database, and can be disguised as regular ads, early ads, or even full page ads that a user must dismiss in order to return to reading an article or watching a video.
So the solution here is not just “install an ad blocker” but “install an ad blocker that you know how to use and use it appropriately.” This means you can disable unnecessary scripts and see who is whitelisted and who is not. We recommend uBlock Origin here, and Disconnect offers to block malicious ads on your computer and mobile devices .
Don’t overlook the importance of good virus and malware protection . Tools such as MalwareBytes, can stop the program, which can be missed by antivirus tools, and protect you from as yet undiscovered vulnerabilities. In fact, they were some of the first security researchers to actually tackle malicious ads . Combine your antivirus with browser-based tools and you’ll be well protected.
If you just install Adblock Plus, load the default lists and leave, you’re doing yourself a disservice. As with any security tool, if you don’t take the time to become an educated user, you will leave yourself vulnerable. Not only malware or exploits spreading across the web, but also weaknesses in the tools you trust to protect you.
Supports ad-free internet
All of these tools are great and will allow you to browse the web with peace of mind and relative safety, but they come at a price: sites hosting relevant ads. Punishing every site you visit because a remote ad network is compromised, especially if it’s not the site owner’s fault, is not a very pleasant thing to do. Of course, at Lifehacker we rely on advertising and to pay bills, but malicious advertising puts users – and site owners – in a really dire situation.
The rise of massive ad networks that allow site owners to focus on blogging rather than advertising also makes it nearly impossible to support a site owner without putting yourself at risk – or putting your data in the hands of these huge networks. You can simply whitelist sites you trust and respect and let your anti-malware do its job if something goes wrong, but there is another option: when the services allow you to support them directly to avoid advertising, do it .
Malicious ads will remain a problem, and while major ad networks like DoubleClick and TradeDoubler, as well as Yahoo’s own network, are trying to solve this problem, each of us must still defend ourselves, block our sites and create similar networks in which we want to live.