Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
What’s in a malvertisement?
The answer to that question is always changing because malvertising is ever-evolving. However, a six-month sample of RiskIQ’s cyber threat detection data shows a fascinating cross-section of the current malvertising landscape.
The data shows a 186% increase in cases of drive-by malvertising (malvertisements that don’t require a user click) over the previous six months, as well as more instances of malware. Meanwhile, there’s been a slight scaling back of phishing and scams, possibly due to client efforts aimed at blocking that behavior and improving the user experience.
So, what’s in a malvertisment? Here’s what RiskIQ sees:
The most significant changes RiskIQ researchers have seen in the malvertising industry have come in the sophistication of delivery and fingerprinting methods. The bad guys have gotten much more advanced in how they detect and filter out cyber security companies attempting to help solve the problem and target the end-users most susceptible to their nefarious ends. You can read more about fingerprinting techniques here.
While malvertisements are only about .02% of the total of ad impressions we scan, given the sheer number of ads served, they continue to prey on countless end users. Malvertising and the economics behind it mirror the same economics that governs legitimate advertising—profitability is a numbers game that requires a large number of conversions for a scheme or campaign to be economically worthwhile.
To prevent malvertisements, consumers will continually turn to solutions like ad blockers, which drains the lifeblood of the free service internet. Also, simply staying off of sketchy sites and not clicking on suspicious-looking ads is no longer enough with the rise of drive-by malvertisements – ads that can be loaded through any network and drop a payload on a computer without a single interaction from the user.
Ultimately, the bulk of the work against malvertising shouldn’t fall on the end-user; it needs to be done by the entire digital advertising ecosystem. Because malvertising transcends the delivery chain, every party involved has a lot to lose. For publishers, it’s a sure-fire way to lose the trust of your user base. For demand-side platforms, it will get you shut out from exchanges. For brands, it will waste marketing budget and erode brand equity.
Every participant in the ad delivery chain must undertake due diligence on the integrity of their ad inventory in order to ensure a safe advertising supply chain. Taking part in the solution is not only good for the individual companies involved but also good for the industry as a whole because ultimately, its the ad consumers that are the victims.
RiskIQ enables advertising and ad technology teams to take immediate action to identify and remove malicious malvertisement hosts and advertisers from your network or publisher website and minimize the cyber threat to your end-users. Our cloud-based service intelligently and continuously scans billions of pages and tens of millions of mobile apps per day to track advertisements as they move through the ad supply chain, as well as sandbox scanning of creative inventory.
Contact us to find out more about RiskIQ malvertising solutions.
RiskIQ is the leader in attack surface management. We help organizations discover, understand, and mitigate exposures across all digital channels.
Enrich @Splunk security with attacker-facing asset discovery. Build reports, dashboards, identify vulnerabilities, and enable proactive attack surface management. Learn more and get the app! https://bit.ly/38wV3rm
Security in Google Play is improving, but bad actors can still place mobile apps there. In 2019, RiskIQ detected 25,647 blacklisted apps in the Google Play Store.
'Joker' Android Malware Pulls Another Trick to Land on Google's Play Store http://ow.ly/xniR50AuqJ6 by @jaivijayan #Android #malware #GooglePlay #mobile
Digital change expands what lives outside the firewall. We checked and counted up what we saw. Get the report and take command of your digital attack surface. https://bit.ly/3cOzJ0T
Ready to achieve #ThreatHunting mastery? Check out our most recent threat hunting workshop - we'll show you how to discover unknowns and investigate threats across your organization's attack surface https://bit.ly/2BUDF3V
As the pandemic rages on, we have an election coming up and that brings another round of targeted and themed attacks. RiskIQ Security Intelligence Services Add-on for Splunk helps you extend your program, protecting your organization and constituents. #protect2020 https://twitter.com/RiskIQ/status/1281241793040916483
RiskIQ Security Intelligence Services for @Splunk puts our unmatched internet telemetry at the fingertips of Splunk users, a powerful shield from the onslaught of cybercrime leveraging current events such as #COVID19 and the election. Read more: https://bit.ly/2Oa8ZhH