80% of Malicious Code from Ads

The Internet security firm Finjan has completed a survey of over 10 million unique URIs recorded in UK traffic and found that online advertising accounts for 80% of all instances of malicious code.

Finjan’s press release says that hackers have enough of an upper hand that they no longer need to use backwater servers:

As commercial interests continue to drive e-crime, malicious code is more likely to be hosted on local servers in the US and UK than in countries with less developed e-crime law enforcement policies.

A continuing evolution in the complexity of attacks, specifically the increasing use of code obfuscation using diverse randomization techniques. Over 80% of the malicious code detected by Finjan was obfuscated, making it virtually invisible to pattern-matching/signature-based methods in use by anti-virus products.

Increasing sophistication at embedding malicious code within legitimate content (e.g., ad delivery and translation services) and less dependence on outlaw servers in unregulated countries.

The problem isn’t limited to the usual culprits like porn and warez sites. Respected companies like Yahoo allow third parties to serve ads within their pages. The click fraud scandal pales in comparison to what can — and will — happen when really bad people insert really bad code on trusted sites.

