In the war between malvertisers and legitimate advertising networks, the bad guys seems to be winning. Attackers use real-time bidding platforms to place malicious ads on otherwise reputable sites, infect target users and disappear -- often before anyone has even noticed that there's a problem, according to a new report by Fairvax, Vir.-based security firm Invincea, Inc..
Attackers can use the targeting features offered by advertising networks to zero in on victims based on which operating systems and browsers they use, based on their interests, based on their geographic locations, and even based on specific corporate IP ranges.
When the attackers target a wide range of people on a popular website, the malvertising will be noticed and shut down. But if the victims are very narrowly targeted, the attackers can switch out the malvertising for a legitimate ad as soon as their intended victims are infected, and nobody might notice at all.
To continue reading this article register now