Malvertising Mayhem: Here’s Everything You Need to Know

Threat actors embed malicious code in legitimate ads to redirect users to phishing pages and deploy malware on their systems.

Cybercriminals often create innovative malware variants and malicious campaigns to steal users’ identities or private information. In most malware-related attacks, threat actors deploy malware via phishing emails and messages, in which malware is downloaded when a victim clicks or opens a malicious attachment or URL. However, in some cases users unknowingly invite malware onto their systems through malvertising.

By Rudra Srinivas, Senior Feature Writer, CISO MAG

What is Malvertising?

Malvertising (malware advertising) is a malicious technique used by cybercriminals to spread malware code or scripts via legitimate-looking ads on websites. In malvertising, malware authors purchase ad space on popular websites to run their malware-laden ads on those sites’ pages. With malicious code hidden inside these ads, they often redirect users to fraudulent websites or install malware on their devices.

Threat actor groups often leverage malvertising tactics to deploy various forms of malware, including banking Trojans, ransomware, crypto-mining scripts, and information-stealing bots. In addition, certain campaigns install malware scripts that execute click-fraud operations in the background.

How does it Affect You?

Several popular brands have inadvertently published malicious ads, leaving their site visitors open to various kinds of malware attacks. Malvertising can harm users when they click or open a malicious ad, which:

  • Executes code that installs malware on the victim’s system.
  • Redirects the victim to fraudulent sites, drawing them into malicious schemes.
  • Reroutes the victim to a phishing website that imitates a popular brand, tricking them into entering login credentials.

Beware of the Malvertising Mayhem

Cybersecurity experts continue to observe malvertising attempts from state-sponsored attackers. Even popular brands have fallen victim to malvertising operators, losing credibility with their users. Recently, security researchers from Proofpoint discovered a new malvertising campaign, dubbed CopperStealer, making the rounds online via fake software sites that targeted popular brands like Facebook, Google, Instagram, Amazon, and Apple. The researchers found that the threat actors behind the CopperStealer malware campaign leverage compromised accounts to run malicious ads and deliver additional malware on targeted sources.

How to prevent Malvertising

While it is difficult for a publisher to identify malicious ads on their website, certain security measures can help defend against malvertising campaigns. These include:

  • Use antivirus software and update it regularly
  • Stay wary of clickbait ads
  • Do not click on suspicious ads
  • Deploy ad blockers
  • Clear cache and cookies
  • Update browsers and plugins regularly
  • Say no to the “Save Password” feature on browsers
  • Whenever you see a suspicious ad, report it to the site owner

A legitimate browser or website doesn’t guarantee your online security. Adversaries everywhere are looking for loopholes to target unwitting users. It is our responsibility to raise security awareness, which helps us defend against evolving threats.

About the Author


Rudra Srinivas is a Senior Feature Writer and part of the editorial team at CISO MAG. He writes news and feature stories on cybersecurity trends.       