New Malware Spreads Through Web Advertising Channels
"Another rogue advertiser could do the same thing," Segura said. Fortunately, there are ways for users to protect themselves. However, without significant diligence, it's hard for companies to protect themselves from the effects of bogus advertising. Users need to keep their operating systems, their browsers and software such as Flash constantly updated. This is especially important for Internet Explorer, where it's easy to fall behind, and with Firefox, where until recently the update process had become cumbersome. One other browser, Google's Chrome, updates itself every time it runs and for this reason has fewer vulnerabilities that can be exploited in this manner. It's also possible that some ad blockers will prevent infection, Segura said, and removing Flash will also work. But removing Flash on a Windows computer can disable some important functions while browsing. Another, perhaps more effective solution is not to use a Windows computer for browsing the Internet. This is one of the benefits of the refusal by Apple to allow Flash to run on its computers.But that doesn't eliminate the necessity for companies to continually watch to make sure their ads haven't been compromised. Unfortunately, there doesn't appear to be a good way to find and kill ads that have been hijacked, and even if they are found, it's not necessarily easy to get the ad networks to stop running them. When Segura contacted DoubleClick and Merchenta, he said that only Merchenta responded and immediately killed the infected ad. He said that he never heard back from DoubleClick. There are other solutions. Symantec has offered for years a service that will detect infected ads on publishers' Websites. The Symantec AdVantage service is designed to scan Websites and detect malware placed on them. Unfortunately, with the current practice of changing ads almost constantly, this would mean that Websites would have to be scanned constantly. Still, for businesses that use the Web, it's crucial to make sure their sites, especially e-commerce sites, aren't infected. Once customers start getting malware from your site, the word will get out and your Website could become a ghost town. That doesn't help you or your customers.
For businesses, this situation can be more problematic. Few businesses will knowingly allow their advertising to be hijacked, but none of the malvertising attacks took place with the knowledge or consent of the companies whose ads were infected. Those ads were simply downloaded, infected and then placed into the ad network without the knowledge of the company being depicted in the advertisement.