Malvertising

Podcast Summary

• History of malicious advertising (malvertising) on the internet: The internet's economic foundation leaves room for malicious actors to exploit advertising networks, leading to significant security risks such as malware distribution through malicious ads.

  The internet's economic foundation, which relies heavily on advertising networks, can be exploited, leading to significant security risks. In 2013, Yahoo experienced a major breach where malware was delivered to users through malicious ads served by networks like Rubicon. This resulted in millions of users being exposed to ransomware, generating thousands of dollars daily for the cybercriminals. Malvertising, or malicious advertising, has been a growing concern since at least 2007, with criminals using online ads to install unwanted or malicious software. Initially, these ads were just simple images, but they have since evolved to become more sophisticated and harder to detect. The basic economic model of the internet, which involves websites selling their visitors' eyeballs to advertisers through networks, leaves room for vulnerabilities. Understanding the history and techniques of malvertising is crucial to staying protected in today's digital landscape.

• The shift from Flash to HTML5 in online advertising and the renewed focus on securing HTML5 ads: Online advertising's evolution brought sophisticated attacks, with Flash being a significant contributor. Now, with HTML5, there's a renewed focus on securing these ads against potential exploits, depending on the display network's regulation.

  The evolution of online advertising has led to increasingly sophisticated attack vectors, with Flash being a significant contributor to early malvertising attacks due to its ability to deliver and execute code. Now, with the rise of HTML5 animations, which function as mini web pages, there is a renewed focus on securing these ads against potential exploits. The level of security depends on the display network, with major players like Google taking extensive precautions, while smaller, less regulated networks may be more vulnerable to attacks. The death of Flash marked a turning point in the industry, but the potential for malicious code in HTML5 ads remains a concern.

• Malvertising: Two Levels of Risk: Malvertising can exploit pre-existing vulnerabilities to install malware or trick users into downloading unwanted files, putting your computer at risk. Stay informed and practice safe browsing habits to protect against these threats.

  Malvertising, or malicious advertising, comes in different forms and can pose significant risks to computer users. Scott's hierarchy of malvertising includes two main levels. At level 1, malvertising attacks exploit pre-existing vulnerabilities in your browser or computer to install malware. This can happen through force click ads that lead to bad websites or clones. At level 2, ads deliver downloadable files that you don't want, which can trigger malware installation if clicked or opened accidentally. It's important to note that in today's world, malvertising often requires a known exploit or a 0-day vulnerability to execute malware onto a viewer's computer. Ads on the internet consist of two parts: what you see and where it takes you when clicked. Malicious ads can take you to executable files that download malware. Force click ads, which require manual interaction to remove, can download multiple executable files if clicked. Staying informed about potential threats and practicing safe browsing habits can help protect against malvertising attacks.

• Hackers exploiting human trust and vulnerabilities: Stay informed and take steps to protect against social engineering and ad network vulnerabilities, including keeping software updated and being cautious of unsolicited communications.

  Hackers are constantly finding new ways to exploit vulnerabilities, and these vulnerabilities can be found not only in technology but also in human behavior. In the case of the New York Times hack, the hackers exploited the trust of the newspaper by posing as legitimate advertisers and swapping out legitimate ads with scam ads. This is an example of social engineering, where the vulnerability is the viewer's lack of knowledge or comfort. More recently, hackers have targeted ad networks, exploiting vulnerabilities in the network itself to take over and change the ads being served. This type of attack gives hackers the ability to bypass rules and restrictions and insert their own ads. It's important to stay informed about these types of threats and take steps to protect yourself, such as keeping your software up to date and being cautious of unsolicited emails or phone calls. Overall, the landscape of cybersecurity is constantly evolving, and it's essential to stay vigilant and adapt to new threats as they emerge.

• Potential Consequences of Unchecked Ads: Unchecked ads can bypass ad policies, reach large audiences, and cause harmless marketing to serious democratic manipulation. Ad blockers offer a defense, but can also prevent legitimate ads from being displayed.

  Controlling an ad network without any checks and balances could lead to widespread distribution of misleading or malicious ads. This discussion highlighted the potential for unchecked ads to bypass even the most rigorous ad policies and reach large audiences, with consequences ranging from harmless marketing to serious democratic manipulation. Ad blockers represent a common defense against such ads, functioning by recognizing and hiding the HTML code of unwanted ads, including those carrying malicious code. However, this also means that ad blockers can inadvertently prevent legitimate ads from being displayed, impacting the revenue streams of websites and content creators. Ultimately, the ad industry must strike a balance between allowing free and targeted advertising while maintaining transparency and preventing malicious activity.

• The Complex Relationship Between Online Ads and Content Consumers: Advertising is a primary source of funding for online content, but trust in ads is low due to intrusiveness and potential maliciousness. Content creators may need to find alternative ways to monetize if trust wanes, leading to a more fragmented media landscape.

  The relationship between content consumers and online advertisements is complex and evolving. Many legitimate websites are now using technology to detect and prevent ad blockers, appealing to users to allow ads in order to support the content they consume. This social pressure is a response to the fact that advertising is a primary source of funding for online content, from news sites to streaming platforms. However, the trust in ads is low due to their intrusiveness and potential maliciousness, and people are increasingly wary of clicking on links in emails. The shift towards online content funding through advertising is significant, and if trust in ads were to wane, the media landscape would change dramatically. Content creators would need to find alternative ways to monetize their work, which could lead to a more fragmented and diverse online media ecosystem. Ultimately, the balance between the need for funding and the desire for a non-intrusive user experience is a delicate one that requires ongoing dialogue and innovation.

• New Hack podcast release schedule: The Hack podcast team is changing their release schedule to put out a news update every two weeks and a high-quality episode on the last Tuesday of each month, giving them more time and resources for the in-depth episodes.

  The team behind the Hack podcast is making some changes to their release schedule. Instead of putting out a news update every week and a big episode every month, they will now be releasing a news update every two weeks and a high-quality, in-depth episode on the last Tuesday of each month. This decision was made to allow the team more time, energy, and love to put into the big episodes, ensuring they deliver the best possible content for their listeners. So, if you're a fan of the Hack podcast, mark your calendars for the last Tuesday of each month for the next level podcast experience. And don't worry, you'll still get your weekly dose of news updates every other week. Thank you for tuning in, and we'll catch you here on the next episode of Hack.