Hackers increasingly are exploiting a little-discussed weak spot in Internet security: The byzantine network of ad makers and sellers that target online ads based on users' browsing habits.
The trend was reinforced recently when Yahoo Inc. displayed an advertisement laced with malicious computer code to European users for a week. Other major websites have run malicious ads in recent months, including those of newspapers, blogs and Dailymotion, a popular destination for streaming video.
In some cases, the fake ads can download viruses without a user even clicking on them. In other instances, the ads serve up a legitimate-looking alert— "Your computer's antivirus is out of date!"—to trick people into paying fraudsters money or downloading a virus. The spots sometimes are served unknowingly by major ad networks and can slip by antivirus software.
The Internet advertising ecosystem is part of the problem. Ads may pass through dozens of virtual hands to match buyers with sellers in quick online auctions. The process is so fast, and there are so many players, that it can be difficult to screen every ad, according to security researchers and people in the advertising industry.
Hackers tend to move in packs, swarming to exploit a security hole until it is fixed, said an official at Rubicon Project Inc., which automates the buying and selling of ads. Hackers now appear to be swarming on Web ads.
In 2013, the cybersecurity company RiskIQ Inc. tracked nearly 384,000 malicious ads online. That's up from 205,000 the year before and 70,000 in 2011. People close to large ad companies acknowledge the number of bad ads has increased, but say that's partly because more people are online. These people also say ad companies are blocking more as well.Read the rest of the story HERE.
If you like what you see, please "Like" us on Facebook either here or here. Please follow us on Twitter here.
No comments:
Post a Comment