Today I am taking some time to touch on a topic that never gets any press. No major companies who have advertisers want to say anything about it. That would make them responsible!
Here it is. The people who write malicious viruses that damage computers and steal identities are making a lot of money these days. They are buying up advertising and using it to perform browser hijacks so they can plant more viruses on the un-suspecting viewers computers.
Advertising on websites is a lucrative business. Websites that can attract a lot of viewers also attract advertisers. Advertisers want to pay for the right to place their advertisements. Price depends on size, length in time displayed, number of times displayed, targeted time of day, and targeted geographical location.
Most advertisements are now presented using active content. Advertisements are authored in the form of flash movies, windows media streaming content, quick-time videos, animated layered dhtml with live embedded graphics, and so many others I just don’t have time to mention. Active content is worth its salt because it is able to provide an interactive interface to the viewer. People click on anything that attracts their attention or interest. The advertisement could be a duck hunt banner where you “shoot” as many ducks as you like. It could be a nice car from Ford driving across your screen. The point is human nature urges you to click on that! And this user interaction is just the the thing needed to allow malicious code to run.
Most active content authoring software can be used to produce content that performs functions such as opening a new window, recording specific information about the viewers computer, browser, and location. Even reading and writing files to the hard drive for later use. Microsoft has been aware of these periphery type attacks and has been publishing service packs left and right to prevent anything from going through without the users consent.
Then there is human nature. The best place to get a feel for what I am talking about is a casino. Go in and look at people go after the slots. They are driven by want, hope for a better tomorrow, and an un-spoken need to ignore something bad. This is best done mindlessly playing that slot machine. The same is true online. Your dangerous attacker knows you better than you think! There in lies the punch line. He uses your human nature against you in the craftiest ways. You have no idea how sneaky these guys are. So if it pops up and you just “HAVE” to click it, stop! Ask who’s asking, what for, and why! My rule is I need to know who and completely respect that entity. It should be a process I started on purpose (i needed to download a file), and why (downloading the file so I can install that driver). Are you freaked out yet? Don’t be. Just raise your awareness up a notch. Be mindful of where you are going online and pay attention to alerts. They tell you that active content on a page is trying to perform a task that is, well, sort of crossing a line. It is necessary for downloading content. And only you can determine who is doing what and why. Ultimately – you have to allow it.
At first a lot of these attacks were popping up on Face book. They also occur on less than desirable websites. Now these malicious authors are boldly buying up advertising space from big companies you trust. The companies have no idea – for the most part how the authoring is coded. Only that it fits in the purchased space.
Recently, I was called by the Comodo Security Company as a business to buy and sell their software to my customers. That relationship is still in the air. However, during my initial look at this company I ran across a very good video blog with regards to this subject. Here is a link. Sit back and have a listen to this guy!