VB2016 paper: Uncovering the secrets of malvertising

Posted by   Martijn Grooten on   May 10, 2017

In his VB2014 paperBromium researcher Vadim Kotov sketched the possibilities for malicious actors to use web ads to spread exploit kits. Unsurprisingly, malicious actors also spotted those possibilities, and the advertisement ecosystem has become such a big attack surface that many security experts advise the running of ad-blockers to enhance security.

Today, we publish a paper (HTML and PDF) presented at VB2016 in Denver by Malwarebytes researchers Jérôme Segura and Chris Boyd, in which they look at this ecosystem, how it is used, and at what techniques are being utilised to spread malware. (Unfortunately, due to a technical error we are unable to publish the video of their presentation.)

 

malvertisting-fig6.jpg


Those who want to keep up with trends in exploit kits in general, and malvertising in particular, are advised to read Jérôme's posts on the Malwarebytes blog, while those who are interested in the subject of 'advergaming', mentioned in the paper as a possible future trend, should come to VB2017 to see Chris present a paper on this very subject.

Registration for VB2017 is now open - register before 30 June 2017 to qualify for the early bird rate!

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

The road to IPv6 is generally smooth but contains a few potholes

Most of the switch from IPv4 to IPv6 will happen seamlessly. But we cannot assume it won't introduce new security issues.

New paper: Powering the distribution of Tesla stealer with PowerShell and VBA macros

Since their return four years ago, Office macros have been one of the most common ways to spread malware. Today, we publish a research paper which looks in detail at a campaign in which VBA macros are used to execute PowerShell code, which in turn…

VB2017 paper: Android reverse engineering tools: not the usual suspects

Within a few years, Android malware has grown from a relatively small threat to a huge problem involving more than three million new malware samples a year. Axelle Apvrille, one of the world's leading Android malware researchers, will deliver a…

Patch early, patch often, but don't blindly trust every 'patch'

Compromised websites are being used to serve fake Flash Player uploads that come with a malicious payload.

Virus Bulletin at RSA

Next week, VB Editor Martijn Grooten will be at the RSA Conference in San Francisco.