Cyphort Labs Issues Special Report on the Rise in Malvertising Cyber Attacks

Cyphort Researchers Find Malvertising Campaigns Increased 325 Percent Through Early 2015

August 26, 2015

4 Min Read


Santa Clara, CA: August 25, 2015 – Cyphort, a pioneer of Advanced Threat Defense (ATD) solutions, today released a special report ‘The Rise of Malvertising,’ that looks into the practices used by cyber criminals to inject malicious advertisements into legitimate online advertising networks. Cyphort researchers found that malvertising campaigns carried out by hackers increased 325 percent in the past year. 

Earlier this year, Cyphort Labs discovered a compromise of the AOL Ad-Network that led to major websites such as, and being infected with malware. In fact, Cyphort’s researchers began detecting malvertising campaigns on in early 2015.

How Does Malvertising Occur?

Malvertising campaigns start when cyber criminals launch attacks through deceit or by infecting the ad supply chain including ad networks, ad exchanges and ad servers. Often times, the hackers will put legitimate ads on trustworthy web sites to build up support. They are basically trying to trick the network by appearing to look legitimate. Once trust is built, the hacker inserts malicious code or spyware behind the ad on a limited basis, just long enough for malware to be launched. Malware is then unknowingly incorporated into web pages through a corrupt or malicious ad. Consumers are the most direct victims, as their computers and contained files are infected by simply clicking on a malicious ad or, in some cases, by simply going to a site they visit frequently.

“Cyber criminals always look for the least point of resistance when attacking networks, making malvertising campaigns an enticing way for them to commit fraud and steal proprietary information from unsuspecting corporations,” said Dr. Fengmin Gong, Cyphort’s co-founder and chief strategy officer. “By issuing this newest report, Cyphort hopes that companies and end users will walk away with a better understanding of malvertising, how it occurs, its pervasiveness and what can be done to prevent it.

The problem of malvertising isn’t going away and cyber criminals will continue finding way to monetize their attacks. According to theAssociation of National Advertisers, ad-fraud will cost global advertisers more than $6 billion in 2015. Cyphort believes this number will continue to skyrocket in the coming years. Much like advertisers, site publishers can be blamed for malvertising attacks. If a user is infected, chances are he or she will have second thoughts about returning to the site.

Combating Malvertising Attacks

Malvertising attacks will only likely increase throughout 2015 and into 2016. Cyber criminals looking to carry out malvertising attacks look for the point of least resistance such as the hosting sites. From there victims can be targeted by industries, specific interests, geo locations and so on. Today’s common network detection tools won’t get the job done when it comes to identifying and combating malvertising. It is the responsibility of the web property owners (hosting sites), ad networks and web surfers to secure proprietary and keep the hackers at bay.

To help the web property owners (hosting sites), ad networks and web surfers combat the growing threat of malvertising campaigns, Cyphort Labs recommends the following steps to implement an effective cybersecurity defense:

1.       Advertising networks should use continuous monitoring that utilize automated systems for repeated checking for malicious ads.

2.       Scans should occur early and scan often, picking up changes in the complete advertising chains instead of just ad creatives.

3.       Ad networks should leverage the latest security intelligence to power their monitoring systems to stay up to date with global threat.

4.       Individuals should avoid “blind” surfing to reduce their exposure to drive-by infection. Keeping your computer system and security software patched timely will go a long way in protecting you when you do have to venture in the “dark night.”


Dr. Gong added, “Consumers will continue to be the most direct victims of malvertising campaigns, as their computers can be infected when they simply click unsuspectingly on a malicious ad or, in some cases, by simply going to a site they visit frequently. Hopefully consumers will keep their devices updated with the latest security patches available to download.”

To read the full Cyphort Malvertising Malware Report, visit:

About Cyphort

Cyphort is an innovative provider of Advanced Threat Protection solutions that deliver a complete defense against current and emerging Advanced Persistent Threats and targeted attacks. The Cyphort Platform continuously monitors web, email and internal network traffic for malicious behavior and threat movement across the organization, correlates threats to incidents, and provides contextual, risk-based prioritization for immediate containment of any threat activity. Cyphort’s software-based, distributed architecture offers a cost effective, high performance approach to detecting and protecting the entire organization against sophisticated attacks. Founded by experts in advanced threats, Cyphort is a privately held company headquartered in Santa Clara, California. For more information, please visit: 

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights