Malvertising campaign has hit the popular celebrity gossip website, PerezHilton.com, potentially affecting millions of users. Here to comment on this news is Dr Malcolm Murphy, systems engineering manager, Infoblox on the threat posed by these types of attacks, and what organisations can do to stop them.
Dr Malcolm Murphy, systems engineering manager, Infoblox
“This attack is the latest in what seems to be a growing trend for so-called “malvertising” attacks, in which compromised ad servers are used to display fake ads which expose consumers to malware. The BBC, MSN and AOL, among other popular websites, were hit with a similar attack just last month, where visitors were served malicious ads, potentially exposing millions of users to malware.
“Clearly cybercriminals are targeting high-traffic sites to try to encourage a larger number of clicks, and consumers are probably more likely to trust ads which are displayed on well-known, trusted websites. Meanwhile, the malware itself continues to grow in sophistication, often exploiting an organisation’s domain name system, or DNS, as a pathway to connect to a malicious destination or botnet.
“To combat this growing threat, organisations should be making DNS security a top priority. In reality though, DNS servers are often neglected, leaving organisations open to these types of attacks. Reliable threat intelligence will also enable organisations to disrupt malware as it communicates through the DNS, protecting customers from malvertising in the process.”