When surfing the Web, there are few instances more annoying than unprovoked ads. The sad reality of the Internet – and really the world at large – is that nothing's free and as such, advertising is what's keeping a vast majority of the online experience away from paywalls. That being said, ads posted on some popular websites are doing more than annoying people.
Many prominent sites are becoming unwilling distributors of malware through a system called malvertising. This is where a seemingly innocent website is used as a base for pop-up ads that install malware on the viewer's computer. This type of campaign is ruining the trust reputable websites have built up over the years, and needs more attention as many users don't even know malvertising exists.
Forbes article most recent example
Trend Micro has most recently seen a malvertising campaign in the "30 Under 30" article . This case was extremely interesting, not just due to the malicious ads but because of how Forbes treats advertising on it's site.
Forbes makes its online revenue thanks to advertising. However, many people have turned to software that keeps them from seeing these ads. These ad blockers are great for having a streamlined online experience, but they cut into the profits of the companies creating the content users view. As such, Forbes decided that ad blockers would no longer be allowed while on its website. Users attempting to view an article must turn off their ad blocker before proceeding to the content.
This was a great idea in terms of making up for lost revenue, but it had unexpected consequences. Cyber criminals decided this was the perfect time to strike and procured ad space for their malware. Unbeknownst to the company, Forbes began to distribute malvertising through its article.
While it's important to note that Forbes had no knowledge that it was spreading malware to its readers, the point here is that malvertising is making the Internet a scary place. Once-reputable sites can now be unknown accomplices to cyber crime and as such, users need to take even more care when operating online.
Not the first time this kind of campaign has been seen
Although this particular case is interesting because Forbes specifically asked its readers to turn off ad blockers – thereby spreading the malware even further – this certainly isn't the first time this has happened, nor was it the first time Trend Micro ran into malvertising. Back in September 2015 Trend Micro became aware of a malvertising campaign that was affecting users in Japan.