- Hackers are increasingly slipping malware into advertising on websites, CIO reported.
- A recent report by Cyphort found malvertising spiked 325%.
- Websites like Forbes, Huffington Post and the Daily Mail have been the focus of recent attacks.
Modern malvertising is effective because readers often don’t know it’s happening.
"You go to a website you've gone to 1,000 times before and unbeknownst to you, the ad we've all gotten good at ignoring is controlled by the criminal," says John Wilson, Field CTO at Agari. “The ad exploits security flaws any way they can – in browsers, PDF views, Flash players – and runs bits of code until they find one that works.”
One reason malware is spiking is because all the code used in modern online ads allows more opportunities to slip bad code from an ad onto a computer.
"That technology has gotten so sophisticated," said Fengmin Gong, co-founder and CSO of Cyphort. "From a technology point of view, it's the perfect fit for this malicious element."
For sites that use ad networks, limiting who can advertise on your site can reduce the chance you're going to serve up malvertising. Websites that use ad networks should also make sure their security is up to date.