Telkom Looking for SA’s Content Creators To Feature On Its New Video Service, TelkomONE

Telkom is looking for fresh local content creators to contribute content to and have it featured on its new video service called TelkomONE -...

Latest Posts

Low-Cost Internet Pilot Project in Soweto Empowers Young People

FibrePoynt, Thabure Towerco and Phuthanang Youth Trust have installed a pilot network in Central Western Jabavu, Soweto. The pilot network offers the high-density township,...

Telkom Unveils Its New FreeMe Share Plans Targeting Data Users

Telkom has launched FreeMe Share Plans, a shared data plan that allows multiple SIMs to share a single data plan. The company said in a...

Dlamini-Zuma Asked To Provide Reasons For Extending Lockdown – or see you in court.

DearSA attorneys Hurter Spies this week sent a letter  to Cooperative Governance and Traditional Affairs Minister Nkosazana Dlamini-Zuma asking her to provide reasons why she...

Paxful Highlights Security and User Education Can Boost Trust in Crypto

In acknowledging Cybersecurity Awareness Month during October this year, leading peer-to-peer (P2P) cryptocurrency marketplace, Paxful, is highlighting the importance of security awareness amongst users...

Malvertising: When Advertising Becomes Dangerous

Over the last several months, the BBC, the New York Times, and other major news and commercial websites became victims of Malvertising attacks. What exactly is Malvertising? To understand this type of attack, we must go back to the malware basics. By Doros Hadjizenonos, Country Manager of Check Point South Africa

One of the most prominent ways malware spreads is by infecting websites and delivering drive-by attacks. When a user visits an infected site an exploit kit is activated. Once activated, the kit checks to see if the machine is vulnerable to one or more of the exploits it contains. If so, it leverages the vulnerability to install malicious software on the user’s device. Since this is a common threat, most websites harden their systems to protect themselves and their visitors from infection.

However, hackers can avoid the need to infect a well-guarded website by infecting the servers that supply advertisements to them instead. This form of attack is called Malvertising and is extremely effective for attackers who wish to reach a broad audience with their malware. The more popular the website, the larger the impact will be.

A Growing Trend

Malvertising is not a new form of an attack, but it has become headline news after several recent occurrences. At the beginning of March, a large Malvertising campaign targeting Baidu’s advertising platform was revealed. Despite having started in October 2015, this campaign’s evasive and elaborate nature enabled it to remain undercover and impact countless users in China for over four months. Two weeks later, several major news sites, including the BBC and New York Times, were hit with a Malvertising campaign. Visitors to these sites were targeted by a ransomware variant, similar to the infamous Cryptolocker attack, served by the Angler exploit kit. The attackers did not stop after the campaign was finally exposed.

They simply changed tactics to target videos as their Malvertising platform, instead of infecting users as they previously had through web banners. The campaign continued successfully targeting the Fox News website, among others.

Another recent Malvertising campaign targeted Australian users with an even more complex attack flow. First, they infiltrated a law firm’s website. Then they created fake advertisements containing the firm’s logo and published them on the Gumtree website, a subsidiary of eBay, which receives 48 million visitors a month. The attackers were able to stay hidden by altering the supplied ads, switching between benign and malicious ones, making it harder for security vendors to identify them.

Why Malvertising?

It is interesting to notice that hackers often attack suppliers who work with the main websites, rather than attacking the sites themselves. Often times, leveraging an attack through a supplier proves an easier path to success than a direct attack on the intended victim. We have seen this pattern with several Malvertising attacks. The same approach was used in the infamous Target hack, in which the attackers infiltrated Target’s network by compromising the network of Target’s suppliers first.

For this reason, we believe that the Malvertising trend will continue to impact major sites and users worldwide. In order to mitigate it, Ad servers must enhance their security measures and ensure the content they supply is legitimate.

How Can You Protect Your Organisation?

What we have learned from recent Malvertising attacks is that education and awareness about these threats are not enough to stay protected. Even the standard security measures that already exist in most organisations are only capable of preventing known threats and are not capable of countering the advanced, continuously evolving tactics of today’s cybercriminals.

Organisations that wish to stay fully protected must elevate their threat prevention strategies and protect themselves, not only from known threats, but also against unknown malware and zero-day threats, like Malvertising. To address this challenge, Check Point offers SandBlast Zero-Day Protection; the most advanced solution to protect against these new and unknown malware and advanced threats.

Latest Posts

Low-Cost Internet Pilot Project in Soweto Empowers Young People

FibrePoynt, Thabure Towerco and Phuthanang Youth Trust have installed a pilot network in Central Western Jabavu, Soweto. The pilot network offers the high-density township,...

Telkom Unveils Its New FreeMe Share Plans Targeting Data Users

Telkom has launched FreeMe Share Plans, a shared data plan that allows multiple SIMs to share a single data plan. The company said in a...

Dlamini-Zuma Asked To Provide Reasons For Extending Lockdown – or see you in court.

DearSA attorneys Hurter Spies this week sent a letter  to Cooperative Governance and Traditional Affairs Minister Nkosazana Dlamini-Zuma asking her to provide reasons why she...

Paxful Highlights Security and User Education Can Boost Trust in Crypto

In acknowledging Cybersecurity Awareness Month during October this year, leading peer-to-peer (P2P) cryptocurrency marketplace, Paxful, is highlighting the importance of security awareness amongst users...

Don't Miss

South African Casino Operators Push For Online Casino Legislation

South African casino operators such as Tsogo Sun and Sun International are quietly pushing the government to pass legislation allowing online casinos to operate...

Cell C Loses Court Bid to Stop ICTU Strike Action

Cell C on Tuesday suffered another blow when the Labour Court in Johannesburg ruled that its application to interdict members of the Information Communications...

Africa’s First Adaptive Learning Online High School Launches

Prestigious, independent school, Bridge House and award-winning EdTech company, Digemy, have joined forces to create ConnectEd - the first Independent Examinations Board (IEB) curriculum...

Mercedes-Benz Gives Its EQC Electric vehicle The 4×4² Treatment

Mercedes-Benz has given its EQC electric vehicle the 4x4² treatment. The EQC 4x4² is an electric car of extremes. Mercedes-Benz wishes to test the...

Nedbank Signs Up 100 000 Customers for its Avo Super App

Avo, launched at the height of the national lockdown, has surpassed the 100 000 customer mark in September 2020 and continues to evolve alongside its...

Stay in touch

To be updated with all the latest news, offers and special announcements.

%d bloggers like this: