By Nick Biasini, Chris Neal and Matt Valites.

Executive summary

One of the trickiest challenges enterprises face is managing the balance between aggressively blocking malicious advertisements (aka malvertising) and allowing content to remain online, accessible for the average user. The days of installing a basic ad blocker on your web browser and expecting full protection are gone. Between the sites that require them to be disabled and the ability for advertisers to pay to evade them, ad blockers alone are not sufficient. 

As this blog will cover in detail, malvertising is a problem not strictly associated with basic web browsing. It can also come with other software programs including adware or potentially unwanted applications (PUA). These latter examples require the most attention. In today’s enterprise, an aggressive approach to advertising is required to be protected against malicious threats. That may include securing your DNS or adding additional layers of inspection through a firewall, intrusion prevention system, or a web security platform. Regardless of the approach, it needs to be thorough and take into account not just the security impacts, but the potential of cascading impact on your users. 

Advertising is a key part of the internet as a whole and, whether you realize it or not, is one of the most foundational aspects of it. It is one of the reasons that a large chunk of the content available on the internet is free. It allows people to support their passion projects, their small businesses, and the food blogs of people around the world. However, it is a highly complex and convoluted system that is ripe for abuse. This is an issue that should not be ignored by the public, as these malicious ads can deliver malware out of nowhere and trick traditional internet users who may not be aware of the threats that exist on some pages.

This blog is going to walk through how online advertising works, what malvertising is and why it’s dangerous including real life examples, and finally the options that exist for organizations and private citizens to try and protect themselves from these threats.



Talos Group

Talos Security Intelligence & Research Group