Hackers’ most effective route to your computer: website ads

by
Print Friendly, PDF & Email
Play

There used to be a traditional set of guidelines that you could go by, and by doing so you could be reasonably sure that your computer was safe from being attacked or infected by a virus or malware. Use a good antivirus, don’t open email attachments, don’t click on a link unless you know for sure where it leads, and don’t visit sketchy websites. Those are all still good and important, and I highly recommend all of those guidelines. But hackers have another way into your computer – advertising on websites.

hacker

 

That’s right – your computer can get infected simply by visiting a website that displays a malicious ad. And before you say, “That’s okay – I don’t click on any of the ads” – it doesn’t matter. The attack does not require you to click on anything.

This type of attack is called “malvertising”. Here’s why it can be so effective:

1. It shows up on safe, respectable websites

One of the first rules you hear about for keeping your computer safe is that you shouldn’t visit sketchy websites – AKA “internet bad neighborhoods”. These usually include sites that are about pirating software, cracking passwords, downloading music or movies illegally, that kind of thing. When you visit places like that, you should just about expect to get infected.

But what if you go to a well-known, popular website that is popular in the mainstream and considered very safe? An infected ad can easily show up there. Websites for companies such as Yahoo!, CNN, Tumblr, eBay – they are all susceptible to this at different levels.

When an ad can appear on the most highly-visited, trusted websites, you can’t just filter it out based on the website’s domain because you’d be cutting off access to virtually all of the internet.

2. The attackers can usually remain anonymous

It would be easy if a website simply made a deal with a particular company to sell a particular advertising campaign. If that package of ads was found to be malicious, it would be clear who is at fault. But that’s not how it works. Website advertising for the large companies is done by ad networks. This means a website would purchase a “package” of advertising that includes lots of different ads from a wide range of companies. This is a convenient and efficient way of selling advertising, but it also makes it very difficult to dig down and find out which ad served up the malicious content.

3. Hacker attacks can target a very specific group of users

One of the greatest innovations in advertising is the ability to focus on a demographic. But this is also a curse, as it allows the bad guys to target just exactly who their victims are. If an attacker creates a pop-up ad that says “Your client records are infected – click here to fix this immediately” he might want to have that only show up on the computers of lawyers and doctors. When they focus on a certain type of user, they can use much more specific language, and even incorporate terminology and geographical references that make the user less suspicious because it all sounds so legitimate.

How do you avoid this problem?

Since you can’t just avoid going to the websites where malicious ads might appear, how do you keep these ads from infecting your computer?  You can instruct your web browser to not display any ads.

For my computers, I use AdBlock Plus. It’s free at adblockplus.org.

AdBlock Plus is what’s known as a browser extension. This just means it gives your web browser (such as Google Chrome, Mozilla Firefox, Internet Explorer, Safari, and Opera) additional functionality.

In this case the added functionality is the ability to block display ads. I’ve been using AdBlock Plus for quite a few years, and believe me – the web is a much nicer place without all the obnoxious ads to distract you. You can get more details about AdBlocker Plus, and install it in your preferred web browser, at the link listed above.

While you’re on that site, click on the “Features” section, and when you scroll down you’ll see this information listed:

adblocker plus

 

This means that not only are the annoying ads not displayed, but also if a website displays content from a known malicious server, that would also be blocked. It’s just another layer of protection against the bad guys. Of course, they are constantly trying to figure out ways to get past security, so this type of protection may not always work (and it may not work indefinitely). So you can’t just install AdBlock Plus and assume it’s safe to visit any website and click on everything in sight.

When you are on the AdBlock Plus website and viewing the “Disable Malware Domains” as shown above, click on the “open this dialogue” link and make sure the feature is enabled. This is what mine looks like:

AdBlock Plus

 

Those items that are checked are various lists of malware domains and ad servers that are blocked. You can subscribe to any of the lists you want, but I subscribe to all of them.

And a final word about blocking ads. There are some people who feel that ad blocking is an issue of ethics. Their position is that having a website costs the website owner money, and if the site is providing information  or valuable content for free, the site has to have advertising in order to continue. It’s a valid point.

I’m still okay with using AdBlock Plus though, because they have taken this issue into account. The software does not block 100% of advertisements (although you can set it so that it does that if you want). By default, you will still see what are determined to be “acceptable” ads (guidelines here). So you definitely won’t see the ads that are flashing and jumping around on the screen, or the ones that play sound. You know the kind I mean. This way, it encourages the website owners to only display ads that the internet community as a whole considers acceptable. So the site can still make money via advertising.

And as I’ve said before, you still need a strong antivirus and antimalware system in place. And you need to make sure your other software such as Adobe, Java, web browsers, etc. are kept up to date. Don’t give the bad guys any advantage!

listen to my podcast in iTunes

Share this post