In this paper, we summarize our findings regarding in the-wild Flash banners and look at the properties of ad networks that could be leveraged by an attacker. All of these papers lack a significant number of samples, use cases of malicious adverts, and approach the problem from the defensive perspective. It investigates the different sides of the advertising market and covers several security-related problems, from malware distribution to privacy violation. Later, a broader theoretical study was conducted by Angelia and Prishva, addressing the problem of malvertising. The paper is focused on the detection and classification of rogue SWF files and showcases an attack scenario of a malicious ActionScript 2.0 program. , an attempt was made to investigate the problem of malicious Flash banners. included rogue ad networks in their extensive study of web malware, but the major focus was the emerging problem of exploit kits. The problem of malicious ads has been around for a while and there are a handful of papers addressing it. One only needs to use one of the hundreds of web advertising services to reach millions of Internet users. In this case, one does not actually need to hack a website or bother with spam dissemination. Lately, cybercriminals have started using ad networks for this purpose. The key component in this scenario is the redirect page, which is usually a compromised website, spam or a targeted email. Successful exploitation means that the injected shellcode has finished flawlessly and hence accomplished its task: to download and execute a malicious program. If at least one exploit succeeds, the victim is compromised. The exploit kit page then returns an HTML document containing exploits, which are usually hidden in an obfuscated JavaScript code. Various methods of redirection are possible: an iframe tag, a JavaScript-based page redirect, etc. ![]() ![]() The attack begins when a victim visits a malicious website, from which they are redirected to the exploit kit page. One of the most popular attack vectors nowadays is drive-by-download – a malicious page serving malware through browser and plug-in exploits. By visiting a website, we implicitly allow a number of third-party JavaScript and Flash programs to execute in our browsers, and this raises some huge security concerns. Banner networks such as DoubleClick can be seen on most commercial websites and are visited by millions of users every day. A significant part of the web economy is based on web advertising.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |