Report: 3 million malvertising impressions served per day


According to data released by Dasient, the company observed a 100 percent increase in malvertising attacks from Q3 to Q4 2010, from 1.5 million malvertising impressions per day in Q3 2010 to 3 million malicious impressions in Q4.

Some highlights from the report:

  • The average lifetime of a malvertising campaign has dropped for the second consecutive quarter in a row -- down to an average of 9.8 days, as compared to 11.1 in Q3, and 11.8 in Q2.
  • Malvertisers typically mount their attacks on weekends, during which IT departments are slower to respond, as we have seen in previous quarters, and continued to see in Q4 2010 as per the figure below.
  • Over the past year, we’ve estimated that over 4 million domains have been infected.
  • After three months of web browsing, the probability that an average Internet user will hit an infected page is approximately 95%.

Cybercriminals usually turn to malvertising when they cannot compromise high-value, high-traffic web sites directly. By relying on social engineering techniques to trick major ad networks into serving their malicious content, they get the multi-million-impression exposure they are after.

What matters is the higher click-through rate achieved when the ads appear on trusted, high-traffic web sites. In some cases, the click-through rate from even a short-lived campaign can outpace that of a well-coordinated blackhat SEO (search engine optimization) campaign.

According to Dasient, the attackers usually rely on remnant advertising, that is, advertising inventory which isn't sold until the last minute, and typically work on weekends, with the idea of increasing the average time it takes an IT department to take down the malvertising campaign. Similar studies conducted by Google indicate that the most typical content served is fake security software, also known as scareware.

Users are advised to browse the Web in a sandboxed environment, using least-privilege accounts and NoScript for Firefox, and to ensure that they are free of client-side exploitable flaws.

See also: Research: 1.3 million malicious ads viewed daily

Topics: Malware, Security

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.


Talkback

3 comments
  • I give up. What makes them "mal"?

    I mean, any more mal than the other ads.
    Professor8
  • RE: Report: 3 million malvertising impressions served per day

    They take you to attack sites that install malware on your computer; that's why they are called malvertising.
    Facebook is full of them; I gave up reporting all the scam ads on Facebook and now just block all Facebook advertising.
    vaughanm
  • RE: Report: 3 million malvertising impressions served per day

    It's now very rare for anyone using Win 7 and IE8/9 to ever be caught by simply clicking on a website. However, the problem is people giving executable programs free rein on their system even after moving through various warning dialogs.

    While most of us laugh at the fake virus scanning product ads and list of supposed viruses we have installed, less techie users simply read their computer is infected and they have to click here and download the program to fix it. If the malvertising is graphically similar to OS windows or security programs then they'll blithely run anything.

    Just took a root kit off an XP laptop running IE. The owner admitted to simply believing the pop-up ads, downloading the software and ignoring warnings and then running it.

    Against stupidity the gods themselves contend in vain ;-)
    tonymcs@...