Along with evolving technologies being developed for the common good, there exists another commonality being developed–this time for digital criminal activity. Known as malvertising, this form of cyber crime has already been launched against banking entities and financial institutions, sometimes blatantly demanding ransom money in exchange for the safety of an institution’s vital information.
The latest malvertising attack initiated was against 288 websites operating out of the Netherlands. The attack occurred in April 2016.
Malvertising: What Is It?
Simply put, malvertising comes into play once an Internet user visits a web page that contains an advertisement laden with malware and only get worse when the user clicks on an advertisement for an item, service or product the user wishes to view. Using a user’s preferred destination as a lure, such as let’s say, bakery supplies, all the party has to do is click on the designated link in the ad, and he or she innocently discharges an executable file on their hard drive.
The end result: to gather as much information that is possible from the user or the advertisers themselves. Gathered information that may take on the form of tampered accounts, identity theft, the user’s contact address book and in the end, financial loss to someone or multitudes of people.
How It Works:
There are two possible forms of transmission of a malvertising ad. The first form arrives when malicious ads appear with a pop-up or alert warning. Unsuspecting users simply click on the ad and the malware is released. The second delivery method comes when a victim innocently downloads or visits a web page with the malicious software on it.
Who Got Hacked?
Millions of users who frequently visited some of the Netherlands’ most popular websites – 288 websites in total so far – were victimized by a massive malvertising attack. The attack was first spotted because IT specialists noticed an increased spike in the occurrence of certain malware kits that are associated with malvertisements.
The total reach of this attack is not totally known; however considering some of the infected websites on the list, which includes Nu.nl, which is the Netherlands’ most visited news portal – approximately 50MM visitors a month – the number of infected computers is astronomical.
One thing that is known is that all of the 288 infected websites used the same advertising platform. It’s being reported that as soon as the advertising platform was told about the malvertising attack, it quickly shut down access to the malicious culprits involved; however the damage was done by then.
Other infected websites on the list include Marktplaats.nl, which with an eBay-type website; Kieskeurig.nl, which sells electronics; iculture.nl, which is a mobile review site and app store.