Site Advertising containing MalWare which can infect a PC simply by
visiting a traditionally trusted site.
Drive by downloads, where visiting a site and malware is downloaded and/or
installed, is nothing new and has been happening for quite some time now.
However users visiting sites running ads can be compromised if there is
MalWare in advertising. The site itself may
be legitimate, but the ads may contain malware.
Even if the ad-serving site is legitimate, the advertiser themselves may be
trying to distribute malware via advertising.
Once again this technique is not new, but it is in the news again.
Drive by Download Malware prevention
can be helped with 'bad site' lists, however both the visited site and the
advertising site may pass these tests. The 'bad' site list can still help
minimise malware by blocking the ultimate malware source if a malware site is
Many Security software programs these days come with a 'bad' site list which can
help block advertising malware.
Malware in Advertising can also be blocked by Security software which can detect
malware being downloaded and/or installed via ads with malware.
This detection of the drive by download can be either via the signature of the
malware, or by it's characteristics (ie: heuristic detection).
User's should also keep their web browsers up to date with Security patches to
minimise the chances of malware compromising their systems from the web.