There isn't always truth in advertising
Cybercriminals are increasingly targeting legitimate websites, using compromised ads as the vehicle to deliver malware to millions of users daily. Malvertising is the practice in which malicious advertisement is injected into legitimate websites. What makes malvertisements so virulent is that they can infect thousands of websites at once by infiltrating popular syndicated online ad services. And once the damage is done, the attacker can easily remove the offending ad from the targeted network without a trace.
The danger lurking in third-party ad servers
Because there are so many players in the ad supply chain, websites that run third-party ads don't have much control over what ads are displayed to their visitors. Publishers and ad networks therefore have huge blind-spots when it comes to detecting malvertisements. And this problem is not just limited to large ad networks. To date, RiskIQ™ for Ads has detected third party malfeasance on both major and minor ad networks.
Our unique approach to eliminating malware
We specialize in the proactive discovery of strategies used to distribute malware and commit marketing fraud.
- Our crawling technology navigates through a website or mobile app clicking on banners ads the way a human user would, to detect drive-by downloads, fake anti-virus pop-ups and other malicious activity.
- Our global proxy network performs the anonymous scanning of ads. We do this from multiple geographic locations and browser types, including mobile browser platforms.
- Since malware cannot distinguish between real user sessions and our bots, we can bypass malware-cloaking mechanisms used to avoid detection by traditional web scanners.
Behavioral & reputation-based analysis
- Malware events are traced to their source, using behavioral techniques to follow redirects and attack lineage.
- Binaries collected are run through more than 40 anti-virus panels.
- Resources discovered in the ad chain are also run against publicly available and commercial blacklists.
- We constantly scan the universe of websites and mobile apps that are relevant to your industry and business.
- Since we have been crawling the open web, we have generated 18 million unique malware and reputation events.
- We currently average 25,000 to 30,000 new events on a daily basis, often detecting zero-day malware.
- Up to 30% of zero-day malware distribution URLs that we discover are unknown to traditional URL-monitoring technology.
Who benefits from using our solution?
- Publishers benefit from early warning detection of malvertisements to reduce brand and reputation erosion.
- Ad Networks avoid loss of business & trust from web publishers, lower liability risks from downstream publishers or their users.
- Ad operations teams get real-time incidents alerts that provide complete data trails to allow them to take action on illegimate ads.
- Marketing teams are able to protect their marketing and advertising investments.
- Security teams get transparency into threats across their web ecosystem, allowing them to maintain strict security standards to minimize threats to their web visitors.