Malvertising is witnessing the beginning of a new trend using steganography, which describes the practice of concealing a file, image or video within another. This allows malicious advertisers to insert malicious code into ad images.
According to GeoEdge, a company that provides ad security and verification solutions for digital advertisers, malicious code embeds using steganography increased in 2018 with incidents growing exponentially.
For example, information services company Experian had its ad (image below) targeted with second imagery that wasn’t visible to the user, but hidden inside the ad request that called up the embedded malicious code.
Only once the ad appears on the user’s mobile phone or desktop, the code is enabled and could be used to auto-redirect a user to a phishing site.
Besides lost revenue for publishers, the redirects are also causing a negative consumer experience who are taken to sites they did not choose to open potentially exposing their private data.
Auto-redirect malvertising cost publishers roughly $210 million and marketers $920 million in 2017, added GeoEdge. This is set to grow by 20-30% over the next year.
Because the use of steganography in malvertising is still relatively new, images aren’t routinely checked for malicious code making it easier for malvertisers to target them.
It’s basically a vulnerability in the chain right now that GeoEdge is already trying to target with Real-Time Blocking for Publishers, which it launched at the start of 2018 to monitor and eliminate such ad types before they are served.
“The use of steganography increases the sophistication in the constantly evolving arsenal of tactics employed by malicious actors, making a detection technology solution which is updated weekly, daily and even hourly, coupled with real-time blocking, a necessity for publishers today,” says Amnon Siev, CEO of GeoEdge.
The company says it achieved a 90-95% reduction in complaints by eliminating offensive and malicious ad types.