Malicious ads on the rise

Some 1.3 million malicious advertisements are viewed on the web daily, and the average malicious ad lives for more than a week.

In the past few years, malicious advertisements have emerged as a growing attack vector. Just how prevalent these attacks have become is underscored by data from security firm Dasient.

According to the company, some 1.3 million malicious advertisements are viewed on the web every day, with each having an average life 7.3 days. Perhaps just as interesting, Dasient found users are twice as likely to be infected by a malicious ad during the weekend as they are during the week. Often times, attackers will upload a legitimate advertisement to an ad network in the middle of the week before following up with a malicious one a few days later.

A common attack method is for an attacker to compromise the account credentials of an existing legitimate advertiser on an ad network. With that in hand, attackers can replace a legitimate ad with a malicious one, Daswani said.

Most of the time, 59%, malicious ads infect users with malware via drive-by downloads, according to Dasient. The rest of the time (41%) attackers are pushing rogue antivirus. This is backed up in part by research from Google, which found rogue antivirus was responsible for 50% of malware delivered by online ads.

Sources: eWeek, Dasient.