Serving malware and other shady content through ad networks is an attack vector preferred by more and more cybercriminals. Experts warn that the number of malvertising attacks will increase in 2014.
Bitdefender researchers have analyzed the ads on a total of 150,000 pages and found that 7% of them lead users to malware, spam or phishing websites.
The ads were on sites that users visit after searching for terms such as “free movies,” “free music,” “free downloads,” “lose weight,” “make money from home” or “ torrents” on search engines.
Most of the ads are business-related (20.73%). Other popular categories are computers and software (20.29%), gambling (12.84%), health, news, file sharing and adult sites.
58% of the websites promoted this way fall into the fraud category, followed by spam, malware, untrusted and phishing sites.
Most threats originate in the United States, the Netherlands and Canada. The United Kingdom and Germany are also in the top 5 malvertising sources.
“In 2014 we expect cybercriminals to exploit advertising more and more in order to deliver malware or trick users into enrolling in various games through which they end up losing money. Millions of users from all around the world are exposed to virus infections, fraud or spam,” noted Bitdefender Chief Security Strategist Catalin Cosoi.
Cosoi says the perfect example is the recent attack on Yahoo! users. Earlier this year, the computers of the site’s visitors were infected with malware after cybercriminals set up some malicious advertisements. A total of around 2.5 million users were said to be impacted.
The complete report, called “The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats,” is available on Bitdefender’s website. The paper also contains some recommendations for website owners and Internet users on how to protect themselves against such attacks.