Malicious online activity in the form of hacks, malware and viruses have seen an exponential increase over the past 5 years, the rise in the number of consumers online coupled with a lax understanding concerning the dangers of the many cyber threats has led to more and more victims. Malvertising is one such example of how online advertisements could be hijacked and used to spread Malware through Malicious ads.
This technique has now found a new victim after online gossip site TMZ was found to be harbouring malicious online advertisements. For those who are unfamiliar with the site, TMZ is a hugely popular website that features expose, gossip and general breaking news concerning the world of celeb, the site pulls in over 30 million visitors a month and is a major attraction for online revenue, below is a summary of the attack.
It has been observed that the attack has the same ad chain pattern; this is from “ContextWeb (PulsePoint) to Smarty Ads and eventually various rogue advertisers”. The latter is leveraging CloudFlare’s infrastructure with the aim of hiding the servers location as well as encrypting the advertisement delivery to consumers via the website.
The malicious ad is pretty cheap to deliver when you consider it costs “$0.19 (£0.12) for one thousand user impressions (CPM)”
These attacks are designed to be as cheap as possible with the aim of targeting high impact traffic targets, on a side note, many websites try to discourage users from using popular ad blockers when accessing their sites, perhaps malicious advertisements leading to exploit kits is not the best deterrent.
Images courtesy of malwarebytes and nickcannon
