One major source of revenue on the Internet is advertisements. One view, one hover of your mouse, one click: everything is counted and converted into money paid by the advertisers to the owners of the website where the ad is displayed. This is not bad per se as it provides visitors with “free”* content while still maintaining a revenue stream for the content providers. Interestingly, not only honest companies have embarked on online advertising, but the evil side has also discovered advertisements to spread their malware.

As outlined in a previous article (“Malware, Ransomware, Doxware and the like”), attacking end-user computers is a multi-billion dollar business run by professional, but illegal, enterprises. Many different attack vectors are employed, such as phishing e-mails, malicious attachments, or targeted attacks against companies and their employees. Or attackers even try to infiltrate major websites and hide malware within. If an unfortunate user accesses that website, his or her vulnerable computer is compromised and his or her private life is gone (see our article on “Drive-bye”).

Alternatively, the malicious evil-doers just buy themselves into one of the big advertisement network distributors (“ad networks”, see https://en.wikipedia.org/wiki/Advertising_network for examples) and hope that their malicious advertisements (“malvertisements”) are properly distributed and shown on major websites. Superficially, their malvertisements promote fake products or services. Behind the scenes, however, the malvertisement tries to exploit vulnerabilities in your web browser, its plugins, or in your operating system.

Although the ad distributors generally do a good job of blocking such malvertisements, it’s a cat and mouse game. Malvertisements might affect major legitimate and popular websites: news outlets, public transport webpages, feeds in Facebook or Twitter, etc. In such cases, our motto “Stop – Think – Don’t click!” can’t be applied. Instead, it is of the utmost importance that you keep your operating system and all applications, in particular your web browser, up-to-date. Make sure that the respective update mechanism is set to “automatic” so that your devices download and apply fixes as soon as possible. If available, install and run antivirus software and remember that CERN’s antivirus software for Windows computers and Macs is free for you to also use at home. Good luck!

*The “free” has been put in inverted commas as, unfortunately , advertisements nowadays often come with tracking algorithms that monitor your activity and try to gather more information about you and your computer (e.g. your location, keyboard language, operating system type). If you don’t like this, consider using ad blockers or browser extensions for more privacy.

__________

Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.