Malvertising or “Malicious advertising”, is the use of online advertising to distribute malware with little to no user interaction required.
Malicious actors hide a small piece of code deep within a legitimate looking advertisement, which will direct the user’s machine to a malicious or compromised server. When the user’s machine successfully makes a connection to the server, an exploit kit hosted on that server executes.
An exploit kit is a type of malware that evaluates a system, determines what vulnerabilities exist on the system, and exploits a vulnerability. From there, the malicious actor is able to install malware by utilizing the security bypass created by the exploit kit.
The additional software could allow the attacker to perform a number of actions including, allowing full access to the computer, exfiltrating financial or sensitive information, locking the system and holding it ransom via ransomware, or adding the system to a botnet so it can be used to perform additional attacks. This entire process occurs behind the scenes, out of sight of the user and without any interaction from the user. [https://www.cisecurity.org/blog/malvertising/]
Become a guest blogger on the Tech Teachers web siteAre you a Computer Applications Technology teacher with something to say? Would you like to see your thoughts published here on Tech Teachers? Fill in the form below and upload a PDF or Word document with your text content, no images required.