According to researchers, since August 2019, a hacker group has been taking over ad servers and inserting malicious ads into their ad inventory that redirect users to malware download sites. The hackers are targeting ad networks running old versions of the Revive open-source ad servers.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
I’ve been on the record before about the digital ad and affiliate world not always being a safe world. With this recent hack into ad servers, it’s really the online users and digital site owners that are feeling the negative impact.
Digital and e-commerce sites are now unknowingly hosting these ads from bad actors, holding malicious code. When visiting a site, a user expects a smooth and trusted experience. Coming to a site and experiencing redirects and malware gives the user a negative impression and tarnishes the site’s brand and reputation.
When users visit a website, malicious code redirects them to sites where their browsers and servers start to download malware. Browsers are like the new supercookie, with users often downloading extensions and malware like this unknowingly.
To add to this, the malware downloaded on users’ browsers then follows them as they browse the internet. When visiting sites in the future, the malware then shows up as injected ads and pop-ups, further interrupting a site’s perceived reputation and user experience. While this is all happening on the client side, website owners have no visibility into any of this.
The user’s privacy, data and user experience is at risk, while the site owner’s reputation and revenues are also at risk. Users should keep their browsers updated and use anti-virus solutions, while digital site owners should look for browser-malware protection solutions that can give them visibility into client-side malware on their site.