Microsoft Windows is still the most widely used operating system in the world, and hence the most actively and commonly targeted by virus creators. However, a new report indicates other lesser-used operating systems, including Apple’s macOS, and even Google’s ChromeOS has begun to experience attacks. Incidentally, the attacks on these operating systems aren’t specifically crafted.
Microsoft Windows has traditionally been the most targeted operating system. Hackers, malware software creators, RATs, and phishing websites are designed to lure unsuspecting and unprotected Windows OS users. However, a new report clearly indicates other operating systems, including macOS, ChromeOS, etc. are now being targeted as well. Simply put, advertising malware is not just hitting Windows users only. ChromeOS and MacOS users are now increasingly at risk for advertising malware on websites.
Microsoft Windows Most Targeted But macOS and ChromeOS Users At Rising Risk Online:
According to cyber-security firm Devcon, 61 percent of the malicious ads they’ve observed from between July 11 and November 22, 2019, were aimed at Windows users. The malicious ads are essentially massive online campaigns “designed to redirect the user to malicious sites or to trick the user into downloading a piece of malware.”
— Aldo Agostinelli (@AgostinelliAldo) December 2, 2019
The high percentage can be easily attributed to the fact that Windows OS has traditionally dominated the market. Hence, malicious software or code created to gain illegal control of the computer or information has a much higher chance of being successful on Windows OS, than the malicious code created for other operating systems.
This explains why, for over 30 years, malware creators have rarely looked beyond Windows OS. Nonetheless, the new report from Devcon does indicate an interesting and concerning shift.
Malware advertising campaign creators have been increasingly targeting other operating systems. According to Devcon, 22 percent of the malicious ads aimed at attacking ChromeOS users, followed by 10.5 percent of macOS, 3.2 percent of iOS users, and 2.1 percent of Android users.
As expected, Linux users continue to remain largely ignored by malware and virus creators. According to the report, a mere 0.3 percent of the computers attacked were running Linux. More importantly, these systems were being used as servers.
The Majority Of Malware-laden Advertisings Can Be Traced Back To Just Three Ad Networks:
Every ad platform that is currently being used in the wild will be attacked at some point, and hackers will attempt to use these networks to launch massive campaigns. Several ad networks are constantly battling against abuse and continually improve their security measures, but a few appear to be passive. Simply put, a few ad delivery platforms seem to be a lot lenient with malware ad campaign creators or abusers.
Our Demand Quality Report provides insights and trends on malicious and low-quality ads in Q3. Download the report. #programmatic #advertising #malware https://t.co/lugwLcehN0 pic.twitter.com/4DlePXLuly
— Confiant (@WeAreConfiant) November 28, 2019
According to a report published last week by ad security firm Confiant, nearly 60 percent of all the malicious ads it recorded in Q3 2019 came from just three ad platforms alone. The company analyzed more than 120 billion ad impressions published in Q3 2019 (from July 1 to September 30, 2019) via 75 advertising networks.
Some of the ad platforms, commonly referred to as Supply-Side Platforms or SSPs, are quite notorious. Confiant found that “a single SSP can be responsible for almost 30 percent” of advertising malware. The company hasn’t publicly released the names of the three ad delivery platforms. However, it strongly claimed that an SSP should be able to quickly detect that its platform is being abused by malware advertisements.
Apparently, such advertisements are quite “noisy”, which basically means that the campaigns show up as data and ad impression spikes. Confiant claimed that malware advertising relies on the power of numbers, and hence, such campaigns, although short-lived, can take up about 14 percent of a platform’s entire ad impressions.