Lurking in banner advertisements on mainstream sites since 2014, a new malware dubbed “Stegano” successfully exposed millions of website visitors until it was discovered recently. Simply put, malvertising is the act of hijacking ad serving networks in order to push exploits onto legitimate websites.
Just viewing the malicious ads infects the unsuspecting user, requiring no active participation from the target.
This particular malware avoids running in virtual machines, and strategically targets users of Internet Explorer. The attackers have been successful at getting their malvertising banners on major websites, showcasing two startling facts: conventional user training like simply avoiding the dark alleys of the Internet will not keep you safe, and browsers are an incredibly vulnerable access point where most of today’s undetected attacks originate.
Generally speaking, society operates under the assumption that hacking only happens to high-profile individuals or those that venture beyond the safer confines of the common Internet. The reality is that mainstream sites often host the most dangerous malvertising campaigns. Any website could be compromised when you visit it, no matter how big or small.
As I mentioned in a guest article on TMCnet in August, “Malvertising on major websites is effective because traditional browsers are ineffective in protecting against these attacks and despite training and security alerts, people will continue to look at the webpages and click the links that are crucial for them to get through their days. As a result, the only likely evolution in malvertising is towards increased targeting of attacks which makes them harder to detect and increases the likely damage to the selected victims.”
What do these evolving forms of sophisticated malvertising mean for Internet users, and possibly more importantly, organizations where people are surfing the web? The browser is the most significant vulnerability on the desktop; and the hackers know it. Attacks are actively and intelligently targeted at specific victims, allowing them to remain undetected for much longer and as a result, are able to use more valuable and effective exploits.
Traditional browsers leave organizations and individuals open to this type of targeted, malicious activity and the industry must consider a new model of browsers that use isolation technology to secure the network. Passages is a secure virtual browser that protects the enterprise from all web-based attacks, including web-delivered malware, watering hole attacks, spear phishing links, passive information leakage, and drive-by downloads. By separating all browsing activity from the local computer and network, Passages empowers users to navigate the Internet without fear of putting infrastructure and data at risk.
To learn more about how you can protect yourself against targeting, phishing, and malvertising, check out our webinar about securing against this triple threat.