Posted by Martijn Grooten on Sep 7, 2016
Two years ago, at VB2014, Bromium researcher Vadim Kotov presented a paper in which he looked at various possibilities for cybercriminals to leverage ad networks to spread malware. Unfortunately, if somewhat unsurprisingly, Vadim's predictions came true and 'malvertising' has become a huge plague on the Internet in the two years since his talk.
Despite this trend, there are many misconceptions about malvertising, the most prominent of which is the idea that you need to click on an ad to get infected, while in practice, the infection (of a vulnerable device) happens quietly in the background. All the more reason why we are glad to have a paper on the subject at VB2016.
In the paper, Malwarebytes researchers Jérôme Segura and Chris Boyd look at how criminals use legitimate ad networks to have their malicious ads "displayed" on prominent websites, and how these ads then infect the user. They also look at recent trends in malvertising, from "domain shadowing" to the increased use of SSL.
Finally, they take a look at the future of online ads and the ethics and effectiveness of ad-blockers.
VB2016 starts in four weeks' time and registration is still open. In the meantime, to whet your appetite, here is Vadim Kotov's VB2014 presentation on hacking the ad-network "like a boss":