Malvertising, short for malicious advertising, refers to the use of online ads to spread malware. Cybercriminals embed malicious code within seemingly legitimate ads on websites, which can infect your device when clicked or even just viewed.

Malvertising is a type of cyberattack that plants malicious code into legitimate-looking online advertisements. A vehicle to distribute malware to unsuspecting victims, malvertising is a major problem worldwide and has gained increasing prevalence across the web.

Malvertising is commonly found on high-traffic websites, ad networks, social media platforms, search engines, streaming services, online marketplaces and mobile apps. Cybercriminals target these areas due to their large audiences and extensive ad placements, using them to distribute malicious ads that can exploit vulnerabilities and compromise your security.

What Is Malvertising?

The term “malvertising” comes from a combination of “malware” and “advertising” and involves exploiting online advertisements to spread malware or redirect users to malicious websites. Cybercriminals embed malware in advertisements on major online publications — or even on social media. Trusting these legitimate sites, internet users either load the webpage or click on the ad, which downloads malware onto their device.

How Does Malvertising Work? + Types

Malvertising takes place in the online ecosystem of advertising networks where millions of ads are distributed daily across publisher sites, ad exchanges and ad servers. The complexity and sheer volume of ads involved in this system make it difficult to thoroughly scrutinize every ad, and there’s no official vetting process in place. Many large websites also use third-party software or vendors to display their ads, and this automated environment leaves ads vulnerable to malvertising.

The typical strategy for malvertisers starts with buying ad space from publishing networks and submitting clean advertisements for a period of time in order to gain legitimacy. After a few weeks, criminals switch their legitimate ads for ones infected with malware, which get circulated across any number of sites a publisher or network is working with.
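As an added example (not part of the original article) of how a publisher or ad network could catch the bait-and-switch described above: record a fingerprint of each creative when it is approved, then re-check the creative as actually served and flag changed markup, newly referenced hosts, and script tags added to a creative that was approved without any. The creative ID and hostnames are constructed placeholders.

```python
import hashlib
import re
from urllib.parse import urlparse

# Attribute URLs and script tags are what a swapped creative usually adds.
URL_RE = re.compile(r"""(?:href|src)\s*=\s*["']([^"']+)["']""", re.IGNORECASE)
SCRIPT_RE = re.compile(r"<script\b", re.IGNORECASE)


def fingerprint(markup):
    """SHA-256 of the creative markup as served, used to detect a later swap."""
    return hashlib.sha256(markup.encode("utf-8")).hexdigest()


def extract_hosts(markup):
    """Hosts referenced by href/src attributes in the creative."""
    hosts = set()
    for url in URL_RE.findall(markup):
        host = urlparse(url).hostname
        if host:
            hosts.add(host)
    return hosts


def register_creative(approved, creative_id, markup):
    """Record the baseline (hash, hosts, script use) at review time."""
    approved[creative_id] = {
        "sha256": fingerprint(markup),
        "hosts": extract_hosts(markup),
        "has_script": bool(SCRIPT_RE.search(markup)),
    }


def audit_creative(approved, creative_id, served_markup):
    """Compare a creative as currently served against its approved baseline."""
    baseline = approved.get(creative_id)
    if baseline is None:
        return [f"{creative_id}: never reviewed"]
    findings = []
    if fingerprint(served_markup) != baseline["sha256"]:
        findings.append(f"{creative_id}: markup changed since approval")
    new_hosts = extract_hosts(served_markup) - baseline["hosts"]
    if new_hosts:
        findings.append(f"{creative_id}: new external hosts {sorted(new_hosts)}")
    if SCRIPT_RE.search(served_markup) and not baseline["has_script"]:
        findings.append(f"{creative_id}: script tag added to a script-free creative")
    return findings


# Constructed sample creatives (placeholder hosts, not real advertisers).
CLEAN = ('<a href="https://ads.example-advertiser.test/landing">'
         '<img src="https://ads.example-advertiser.test/banner.png"></a>')
SWAPPED = CLEAN + '<script src="https://cdn.attacker-placeholder.test/loader.js"></script>'


def demo():
    """Approve the clean creative, then audit the clean and the swapped version."""
    approved = {}
    register_creative(approved, "cr-1001", CLEAN)
    return audit_creative(approved, "cr-1001", CLEAN), audit_creative(approved, "cr-1001", SWAPPED)
```

Running `demo()` returns no findings for the approved creative and three for the swapped one, which is the point at which the network should pull the creative rather than keep circulating it.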

Infographic covering steps involved in a malvertising attack

Types of Malvertising

There are two main types of malvertising that you should be aware of. Both involve the use of ads to host malware, but their methods of releasing the malware differ.

  • Drive-by download: A drive-by download occurs when harmful software is downloaded onto your computer without any interaction on your part. You can fall prey to the attack simply by loading the webpage. In the case of malvertising, if a fraudulent ad has compromised the page, your device can be infected as soon as the page loads.
  • Click to download: In a click-to-download scenario, you must interact with the ad for it to infect your device. These ads are designed to mimic legitimate ones, deceiving you into thinking they’re safe and enticing you to click, which triggers the download of harmful software.

Not only are individual users victims of malvertising, but big companies like Google are prime targets, too.

Malvertising vs. Adware

Malvertising is often confused with ad malware or adware, another type of cyberattack that uses advertising as a cover for malicious software. Malvertising refers to malicious code that’s initially embedded in ads on a publisher’s webpage, which only affects the users who view that particular page. 

Adware is a type of malicious software that quietly installs itself on your computer, often bundled with legitimate programs or through deceptive downloads. Once it’s in the system, it runs continuously in the background, displaying intrusive ads, redirecting search queries and sometimes even collecting sensitive information. Adware can alter the appearance or functionality of every webpage you visit, slowing down the computer and leading to potential security risks.

Malvertising Examples

One of the reasons malvertising can be so tough to spot is that it’s frequently distributed through the major ad networks and online publishers we already trust. In recent years, an increasing number of large, reputable companies have fallen victim to malvertising attacks, resulting in their users’ devices becoming infected with malware.

  • Fake Flash update campaign: In 2022 (and before that, too!), attackers used malvertising to distribute a fake Adobe Flash Player update. The ads appeared on popular websites, and clicking on them led to the installation of malware disguised as an update, affecting many users.
  • Google ad network breach: In 2023, Google’s ad network was compromised, resulting in the display of malicious ads across numerous reputable websites. The attack exploited vulnerabilities in ad-serving technologies.

How to Prevent Malvertising: 5 Strategies

Malvertising is a tricky type of cyberattack that can be difficult to detect and mitigate, but your odds of staying protected are higher if you know what to look for. Here’s how you can properly prevent a malvertising attack.

1. Use a Strong Antivirus

A trustworthy antivirus program can go a long way in reducing your chances of encountering a malvertising attack. Antivirus is the best first line of defense against an array of online threats that lurk around the web, including malvertising and other forms of malware. With real-time protection against malvertising downloads or installation attempts, this is one of the simplest ways you can safeguard your data and devices.

2. Keep Software Up-to-Date

Many malvertising attacks rely on exploiting existing software vulnerabilities as an easy path to infect computer systems. When you update your software, you’re ensuring that any security vulnerabilities are taken care of and not left open to hackers. Taking care to keep your software updated is one of the easiest ways to prevent these types of attacks.

3. Install an Ad Blocker

An effective way to stop malvertising in its tracks is to simply install an ad blocker on your computer. Ad blockers stop ads from being displayed on webpages, and you can’t accidentally click on a malware-infected ad if it never appears on your screen. Keep in mind that this won’t prevent every kind of malvertising attack — like a drive-by download attack that doesn’t need any user interaction in order to infect a device — but it will help mitigate some.

4. Educate Yourself on Safe Browsing Practices

Stay informed about the latest online and social media threats and adopt safe browsing habits. Don’t click on suspicious ads or pop-ups, and only download software from trusted sources. Regularly updating your knowledge of cybersecurity best practices can help reduce the risk of falling victim to malvertising. Finally, be cautious when visiting unfamiliar websites, as they may harbor hidden threats.

5. Use Browser Security Extensions

Enhance your online protection by installing security extensions in your browser. These tools can block malicious ads, prevent pop-ups and detect phishing attempts, adding an extra layer of defense against malvertising and other online threats. Look for extensions that offer real-time protection and are regularly updated to keep up with emerging threats.

What Can Malvertising Do to Your Computer?

A common misconception about malvertising is that if you don’t click on an infected ad, you’re safe. Unfortunately, this isn’t the case, and attacks can happen whether you actually click on the ad or not. Depending on the type of malvertising attack, there are a handful of risks it can pose to your personal data and information.

Personal Data Theft

Some cybercriminals use malvertising to plant spyware on your device that directs your personal data into the hacker’s hands. Malicious ads may also force your browser to redirect to spoofed sites that impersonate legitimate ones as a way to trick you into giving up your login credentials or other information. Hackers might use this data to exploit you further or sell the stolen data on the dark web, where other cybercriminals can use it in other identity theft schemes.


Financial Extortion

If an infected ad installs ransomware on your computer, the hacker who planted it may carry out an extortion attempt. Ransomware is malicious software that locks you out of your own files, so hackers can turn around and demand a ransom payment before they give you access.

Infographic illustrating different traits of malicious advertising

As technology continues to advance and the number of internet users grows, cybercriminals will continue to look for vulnerabilities in systems and find ways to exploit unsuspecting victims.

Knowing how malvertising attacks work and the warning signs to look for can help ensure your data stays safe from harm. To keep all of your devices properly protected, consider implementing a cross-platform antivirus program to increase your safety and reduce the odds of an attack.