Malware Embedded in Advertising – What is the Solution?

Posted: November 13, 2007 in Malware, Prevention, Security Governance, Threats

Malware is everywhere and becoming one of the most common security threats in the industry.  The link below provides some insight into the seriousness of this issue.

There really is not a great solution for this problem at this time, but how can a company that serves adds mitigate the risk.  There are several ways.

  1. Ensure all ads that are uploaded are hashed in some way to ensure the add being delivered is the add uploaded by the client.

  2. Use file monitoring tools like tripwire on image servers to help ensure that adds are not modified.  This will also help provide proof if there is an actual attack on the add server.

  3. Scan adds with anti-virus software.  Although this will not catch everything it will catch some of the files.

  4. Scan adds for known malware URL’s to prevent phishing type attacks.  (This is like a signature based solution and takes a great deal of maintenance to keep up with the attackers)

  5. Hope someone comes up with a good solution that can regularly scan all the adds for malware.

The above will help limit the liability of the ad company serving adds and has some preventive measures that can be implemented to protect both the add companies brand and their customers who may be uploading malware adds without knowing it.

Advertisements
Comments
  1. sajeev says:

    Use Firefox and noscript add on, this will prevent untrusted sites running executables on your browser.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s