TMCnet News

Bromium Research Highlights Severe Risk of Malicious Ad Networks; Virus Bulletin presentation reveals high profile websites targeted by malvertising
[September 26, 2014]

Bromium Research Highlights Severe Risk of Malicious Ad Networks; Virus Bulletin presentation reveals high profile websites targeted by malvertising


(M2 PressWIRE Via Acquire Media NewsEdge) LONDON (UK) -- Bromium, Inc., the pioneer of a new model of endpoint security using micro-virtualization, presented a research report at Virus Bulletin 2014 that highlights the severe risk of malicious ad networks infecting end users. This research provides a real-world study of malvertising captured on YouTube, Yahoo and several top Alexa sites to demonstrate how obfuscated JavaScript delivers malicious code through Flash ads.



Bypassing ad network defences provides the perfect opportunity for attackers to target millions of users, so it is no coincidence that there has been an uptick in the number of malvertisments, said Rahul Kashyap, chief security architect, Bromium. The scale of this problem is as large as the Internet itself.

In this research report, Bromium explains how a malicious ad network on YouTube would deliver obfuscated JavaScript code through Flash movies. The code added an iframe to redirect users to a malicious URL serving the Styx exploit kit, a well-known banking Trojan. In the past six months, the percentage of malicious pages detected on YouTube has decreased overall, even as more Trojans have been created, which suggests attacks have improved in obfuscating malicious content.


Bromium notes a key feature of ad networks is the ability to target certain audiences, such as users of a specific browser or operating system. A similar functionality is usually implemented in exploit kits, which provide cyber criminals with automation to test and selectively deploy malware on vulnerable machines. Malvertising is not targeting ads, it is targeting victims.

Bromium research concludes that the scale of Web advertising is too great to realistically review all rich media for malware, and detection-based solutions can be easily circumvented or result in unacceptable rates of false alarms. However, isolating the content with micro-virtualization or blocking it may greatly mitigate the threat.

To read the Bromium report on malvertising, please visit: http://www.bromium.com/sites/default/files/bromium-report-optimized-mal-ops.pdf About Bromium, Inc.

Bromium is re-inventing enterprise security with its powerful new technology, micro-virtualization, which was designed to protect businesses from advanced malware, while simultaneously empowering users and delivering unmatched threat intelligence to IT. Unlike traditional security methods, which rely on complex and ineffective detection techniques, Bromium protects against malware from the Web, email or USB devices, by automatically isolating each user-task at the endpoint in a hardware-isolated micro-VM, preventing theft or damage to any enterprise resource. Bromiums technological innovations have earned the company numerous industry awards including being named as a CNBC Disruptor and a Gartner Cool Vendor for 2013. Bromium counts a rapidly growing set of Fortune 500 companies and government agencies as customers, including NYSE and BlackRock.

www.bromium.com Follow Bromium on Twitter: https://twitter.com/bromium Lara - Eskenzi PR +44 (0)207 183 2834 [email protected] .

(c) 2014 M2 COMMUNICATIONS

[ Back To TMCnet.com's Homepage ]