What Is Malicious Advertising?
Malicious Advertising (Malvertising) Definition
Short definition:
Malvertising or malicious advertising is a technique used by threat actors to redirect users to malicious websites. After injecting malicious code into legitimate online advertising networks, they have the chance to trick users who click on legitimate-looking advertisements to connect malicious or compromised servers.
Extended definition:
Malvertising uses online advertisements to spread malware and compromise computer systems. Malicious actors inject unwanted or malicious code into ads and then release the same ads via legitimate online advertising networks. Infected ads could be displayed on various websites. Visitors of these sites are exposed to the potential risk of infection with malware.
Malicious advertising can lead to the following outcomes when users click a malicious ad:
- Connecting users’ machines to malicious or compromised servers.
- Executing exploit kit that determines which vulnerabilities exist on the system.
- Enabling threat actors to exploit existing vulnerabilities by installing malware or adware on the computers.
- Redirecting browsing sessions to malicious websites, instead of the target sites initially suggested by the adverts.
- Redirecting browser to malicious websites designed to look very similar to popular legitimate sites. Such sites may serve for the realization of phishing attacks.
Type of advertising formats that may be misused for malvertising:
- Banner ads.
- Pop-up ads.
- Video ads.
- In-text link ads.
- Social media ads.
- In-game ads.
- Im-app ads.
- Email ads.
- Email ads.
For more definitions, check our Cyber Dictionary.