Malware is one of the main threats we face when browsing the Internet from any device. There are many types of malware, but the most dangerous are banking Trojans disguised as fraudulent applications. We have already mentioned before that we can avoid most threats by avoiding downloading applications from unofficial sources and by ignore suspicious linksbut you also have to be careful with ads.
The reason is that advertisements can be used as a means of infect our devices. This is something we know as malicious advertisingterm from words malicious advertising (malicious advertising, in Spanish). Below we explain what exactly this threat consists of.
He malicious advertising It is used to infect our devices with malware
The main danger of malicious advertising is that it can be difficult to detect, which greatly increases the risk of infection. The goal pursued by those responsible for malicious advertising involves infecting victims’ devices through advertisements, something they achieve by injecting malicious code after the victim clicks on a particular ad.
As we read on the Crowdstrike website, on other occasions the victim is redirected to a malicious website that impersonates a company so that the user lets his guard down and ends up downloading malware onto his device thinking it is a known tool.
In order to spread fraudulent advertisements, Attackers Compromise Security of Ad Network. In this way, they ensure that all web pages that use the ad network to display ads are serving malware-infected ads without even knowing it.
It is important to keep in mind that the malicious advertising is the name of the technique used to distribute malware through advertisements, so Risks vary depending on the malware in question: Attackers can infect our computer with banking malware or malware that steals our information, to give some examples.
Malwarebytes recently reported a new case of malicious advertising related to Google Authenticator, the 2FA app. Apparently, the officials had run ads stating appeared when searching for the popular 2FA app on Google. As you might have guessed, clicking on the link took victims to a website pretending to be the company.
Once on the fraudulent website, victims were actually downloading Windows malware that captured user credentialscookies and other information stored in the browser. This is not the only case of malware distributed via Google Ads: a recent campaign impersonated the popular Arc browser to trick users into clicking on the ad.
Given how this threat works, it can be difficult to protect yourself. INCIBE recommends keep our devices always up to date (both the operating system and the applications we usually use) and disable browser extensions that we no longer need.
In addition to the above, it is advisable to download the applications access the official website of the tool instead of clicking on ads. This way we could avoid cases such as malware distributed through websites impersonating Google Authenticator and Arc.
By | Week
Cover Image | Microsoft Designer Image Creator
In Xataka Android | What is malware, what are its types and what can you do if it infects your mobile