Malvertising Wanes in Q4

Despite another increase in year-over-year malvertising detections, research shows the numbers are trending down.

According to RiskIQ’s Q4 Malvertising Roundup, the company scanned nearly 10% fewer incidents than the quarter before. This decrease has become a pattern: The Q3 report showed a massive decrease in malvertising beginning in the second half of 2017.

Even so, thanks to high numbers of incidents in the first half of the year, overall malvertising in 2017 increased 2.8% against 2016.

“Threat actors perform malvertising in all kinds of ways – phishing, scams, exploit kits, and malware – sometimes even via a drive-by-download, where the target user doesn’t have to click on a malicious link; the ad downloads the infection from the iFrame without their knowledge,” said RiskIQ researchers in a blog. “Sometimes, the ad will download software, which collects information on the user’s computer, or adbots that add to a wide-ranging fraudulent ad network. Ransomware is also a malvertising method, encrypting the unfortunate victim’s files and charging money to get them unencrypted.”

The fluctuation in volume of bad ads detected may indicate a change in attacker tactics. For instance, malvertising incidents containing malware decreased by a notable 67.5% in the fourth quarter, and there was a precipitous drop in advertisements using phishing techniques for the second quarter in a row. There were, however, small increases in scam advertising, which reversed a two-quarter trend.

“Malvertising is so nefarious because it’s a direct attack on the lifeblood of the internet as we know it,” said RiskIQ researchers. “Digital media marketing is what funds the ‘free’ websites we all enjoy online, and the success of the internet and all the people that rely on it is inextricably linked to its success. According to a report compiled by eMarketer, worldwide paid media market, which accelerates every year, is at $542 billion—lower than eMarketer’s previous forecast.”

What’s Hot on Infosecurity Magazine?