Inside the Booming, Unhinged, and Dangerous Malvertising Menace

mask.of.sanity writes: The Register has a feature on the online malicious advertising (malvertising) menace that has become an explosively potent threat to end-user security on the internet. Experts say advertising networks and exchanges need to vet their customers, and publishers need to vet the third party content they display. Users should also consider script and ad blockers in the interim. From the article: "Ads as an attack vector was identified in 2007 when security responders began receiving reports of malware hitting user machines as victims viewed online advertisements. By year's end William Salusky of the SANS Internet Storms Centre had concocted a name for the attacks. Since then malvertising has exploded. This year it increased by more than 260 percent on the previous year, with some 450,000 malicious ads reported in the first six months alone, according to numbers by RiskIQ. Last year, security firm Cyphort found a 300 percent increase in malvertising. In 2013, the Online Trust Alliance logged a more than 200 percent increase in malvertising incidents compared to 2012, serving some 12.4 billion malvertisement impressions."

It's getting really bad now

[jez9999]

They're getting ever more sophisticated. I got some sort of malware the other day that actually poses as a Windows update, which puts a permanent icon in my system tray with regular (3 or 4 times a day) popups about a "free upgrade to Windows 10". Luckily I don't fall for that kind of thing but I don't know how I got the virus in the first place.