Malvertising targets old outdated software. So, according to Confiant, using modern web browsers, ad blockers and keeping the operating system up to date with the security updates can prevent being infected.
Usually, threat actors target malvertising at specific web browsers and operating systems. For instance, those who push exploit kits show ads to Internet explorer users. This is because they target the browser’s vulnerabilities.
For instance, malvertisers pushing exploit kits will show ads to Internet Explorer users as they target the browser’s vulnerabilities. Also, ads pushing the Mac Shlayer Trojan will only show the ads to macOS users.
So, Confiant analyzed 378 million blocked malicious ads between Oct. 15, 2019 – Jan. 15, 2020. Thus, it illustrated how bad guys target companies and government agencies based on the browsers or operating systems.
Some agencies still use Internet Explorer
Microsoft releases new security updates, every month, on Patch Tuesday. This is how they fix , every time, new vulnerabilities in the outdated Internet Explorer browser. Usually, the vulnerabilities become targets of the exploit kits. Thus, these install ransomware, remote Trojans (RATs), password-stealing Trojans etc. Still, there are still organizations that use this browser and keep their networks vulnerable.
Alyia Stein, a Confiant security researcher, explained that, in fact, malvertisers usually target the technology, not the government agencies. It is the case of the United States Geological Survey and the United States Postal service. They both are heavily targeted by malvertising campaigns by Zirconium and Yosec.
According to the report, Macs are targeted even more. Also, outdated browsers remain a huge problem for the Fortune 100 companies. Here, Zirconium takes a huge market share of the malvertising campaigns. In the case of huge companies such as Home Depot, FedEx or Chevron, over 40% of the malvertising attacks come towards outdated browsers. So, specialists advise companies to move their employees towards modern browsers. Moreover, they explain that these provide a more secure auto-updating mechanism.
Most malvertising redirect users to fake giveaways, tech support scams, and adult sites. But exploit kits could also use vulnerabilities to install malware. This would allow attackers to gain access to the networks. Thus, they can steal corporate secrets or compromise more devices. Eventually, they spread ransomware in the network.
Experts say that even when users update their browser and increase security, attackers switch to a different targeting method. In conclusion, the solution would be for organizations to use security software, ad blockers and improve their overall security.
“Updating browsers is important, but at the same time I think that the attackers will just use something else for targeting purposes,” Stein told BleepingComputer.
As malvertising targets old outdated software, government agencies and the enterprise should instead increase their overall security posture. Moreover, this can be done by using security software (even on Macs), web filtering services, ad blockers, and threat intelligence services