RiskIQ, the leader in digital threat management, today released its annual malvertising report which indicates a sharp spike in malvertising in 2016, a digital threat that has become increasingly challenging for organisations to detect and mitigate. Delivered through ad networks such as Google and Facebook, threat actors use malvertising to propagate malware, ransomware, and scams (disingenuous advertising), as well as redirect victims to phishing pages and pages hosting exploit kits.
“Malvertising is so nefarious because it’s a direct attack on the lifeblood of the internet as we know it. Digital media marketing is what funds the ‘free’ websites we all know and enjoy online. The success of the internet and all the people that rely on it is inextricably linked to online advertising success and safety,” said James Pleger, threat researcher, RiskIQ. “Publishers, ad platforms, and ad operations teams need active visibility, forensic information, and mitigation capability to enable them to effectively detect and respond to malicious ads in the wild.”
Key findings in the report include analysis data on the following malvertising characteristics:
- 132.6% Increase in total malvertisements
- 1,978.9% Increase in redirections to phishing pages
- 845% Increase in scam detections
- 22% Increase in antivirus binary injections
- 25.8% Increase in malicious distribution systems
- 58% Increase in scareware and browser lockers
According to a report compiled by eMarketer, the worldwide paid media market, which accelerates every year, recently hit more than half a trillion dollars, and worldwide paid media spending is expected to reach $674 billion by 2020.
“Malvertising threatens this online marketing growth,” James said. “For example, users wary of malvertising will block all ads, hampering the success of the digital advertising industry. By the end of 2017, 14.7 million people in the UK will be using ad blocking software*.”
RiskIQ mitigates the risk for digital advertisers and publishers through the company’s curated blacklist of malicious ads, intelligently scanned from over 2 billion pages and nearly 20 million mobile apps per day. This proprietary blacklist lets ad ops, brand managers, and security staff vet new demand sources and prevent malware within their ad infrastructure. The company’s advanced crawling infrastructure, which allows it to capture the entire ad, ad redirect chain, and creative sources, indicates which part of the ad-serving process was compromised and helps it identify the entity responsible.