‘Malware sneaks into online ads’

WASHINGTON — Hackers are increasingly slipping malicious software into online advertising, creating risks for the Internet economic model, security researchers said Tuesday.

A report presented at the Black Hat security conference indicated that "malvertising" has become increasingly prevalent and difficult for users to detect.

"Malvertising victims are infected with malware in the course of their normal Internet browsing and therefore have no idea where or how they were infected," said the report presented by Cisco security researchers.

"Tracing the source is next to impossible, because the ad that delivered the malware has long since disappeared," it added. 

According to Cisco researchers, the problem is especially thorny because almost any website can be infected with a "drive-by" ad and may not be detected either by the website operator or ad network.

"A malvertiser who wants to target a specific population at a certain time — for example, football fans in Germany watching a World Cup match — can turn to a legitimate ad exchange to meet their objectives," the report said.

"Just like legitimate advertisers, they contact companies that are gatekeepers for the ad exchanges. They will pay up front for the advertising, perhaps $2,000 or more per ad run, and instruct the companies to tell the ad exchanges to serve the ads as quickly as possible, leaving little or no time for the ad content to be inspected," it added.

Cisco said malvertising appeared to be used to distribute viruses which lock up a user's computer until he or she agrees to pay a fee — a system known as "ransomware."

The report described malvertising as a potentially huge problem because it could disrupt the massive market for online advertising.