Images Are New Playground For Malicious Code, Costing Advertisers Millions

A growing trend of embedding malicious ads within the images of ads could wreak havoc on the advertising industry and cost brands millions this year. 

The practice, known as steganography, makes images the new frontier for malicious ads. It conceals a file, message, image, or video within another file, message, image, or video, according to GeoEdge.

The research suggests that not every publisher's security provider monitors and analyzes images for malicious code. This creates an opportunity to exploit the potential vulnerability in the embedded images in ads running on publisher sites and in-app.

GeoEdge, which provides ad security and verification software, noticed an increase of incidents earlier this year through the company’s technology, but the number of incidents has grown exponentially during the fourth quarter of 2018.

In one example of Experian’s ad, GeoEdge identified a second image that is unseen to those viewing the ad on a desktop or mobile device. The ad, hidden inside the ad request, calls up the embedded malicious code. In this instance, the malicious code was an auto-redirect to a phishing site targeting U.S. users.

Last year auto-redirect malvertising attacks cost the advertising industry about $1.13 billion in lost revenue. GeoEdge expects that number to rise between 20% and 30% in 2019, based on the number of attacks identified this year.

“It’s hard to put an exact dollar figure on it, but the amount could break into the millions of dollars in 2019,” said Amnon Siev, CEO, GeoEdge.

Malvertising and steganography have existed as challenges for years, but the latter recently gained momentum as advertisers began using more images and video in campaigns.

And as the industry increases the amount of campaigns for the holidays, the number of incidents will rise. For instance, DoubleVerify this year identified a new bot network specifically targeting Connected TV devices.

The botnet was uncovered after DoubleVerify noticed 40% spike in traffic from CTV devices, marking the first direct, scaled botnet attack the company identified.

Next story loading loading..