Waxaa jira habab badan oo loo isticmaalo in lagu waxyeeleeyo dadka isticmaala internetka^(Internet) si xogtooda ay u helaan dambiilayaasha internetka. Marka kombuyuutarku uu xumaado, dembiilayaasha internetka waxay isticmaali karaan xogta isticmaalaha wax kasta oo ay rabaan. Dhacdooyinka noocan oo kale ah waxay xitaa keeni karaan xatooyo aqoonsiga^{(Identity Theft)(Identity Theft)} , halkaasoo dambiilayaasha internetka ay u isticmaalaan aqoonsigaaga qaadashada deynta, iwm. oo ay kuugu tagaan jahwareer. Hababka badan ee cusub ee wax u dhimista kombiyuutarka waxaa ka mid ah –  Malvertising . Aan eegno waxa xumaanaya iyo sida loo ilaaliyo badbaadada iyadoo la iska ilaalinayo.

Waa maxay Malvertising

Xayeysiis xumo ama xayaysiis xumo waxay ka kooban tahay laba kelmadood: Malicious + Advertising . Tani kaliya maahan xayaysiisyada marin habaabinta xaasidka ah ee ku soo jiida isticmaalayaasha shabakadaha phishing . Malvertising waxay ku saabsan tahay waxyeeleynta kombiyuutarkaaga, adigoo soo dejinaya kood xaasidnimo gaaban oo gaaban, markaad dul heehaabto ama gujiso xayeysiis. Xayeysiisyada qaar ayaa xitaa soo dejin doona kombuyuutarkaaga kood xaasidnimo ah, iyadoo shabakadu wali ku shubanayso gadaasha. Xaaladahan oo kale, adoo si fudud u booqanaya mareegaha, isticmaalayaashu waxay ku qaadi karaan cudurka iyada oo loo marayo Drive-by-downloads .

Dembiilayaasha internetka ayaa xayeysiis u isticmaalaya si ay u jabsadaan kombayutaradaada. Maadaama xayaysiisyadani ay u muuqdaan kuwo run ah, isticmaalayaashu waxay ku dhajiyaan iyaga oo rajeynaya in la geeyo shabakad, halkaas oo ay ka heli karaan macluumaad dheeraad ah oo ku saabsan xayaysiinta. Si kastaba ha ahaatee, halkii dib loo hagi lahaa, ficilka gujinta ayaa kicinaya soo dejinta kood yar laakiin xaasidnimo leh kombuyuutarrada isticmaalaha. Dhab ahaantii, infekshanku wuxuu xitaa si aamusnaan ah ugu dhici karaa gadaasha, xitaa marka xayeysiisku uu ku shuban yahay browserka. Maadaama shabakadaha xayeysiiska ah ee u adeegaya xayeysiisyadani ay yihiin kuwo aad u weyn, waxay ku dhowdahay wax aan macquul ahayn in la aqoonsado qofka ama ururka ka dambeeya xayaysiisyada xunxun. Shabakado badan oo caan ah ayaa sidoo kale ku dhamaada iyagoon ogayn inay u adeegaan xayaysiisyadan oo kale iyadoon wax ujeeddo ah lahayn, maadaama aanay garanayn in xayaysiisyadu yihiin kuwo xaasidnimo leh.

Sidee buu u shaqeeyaa Malvertising

Midna uma baahna inuu jabsado mareegaha si uu xayeysiisyo xunxun ugu dhejiyo mareegahaas. Taa baddalkeeda, dambiilayaasha waxay adeegsadaan shabakadaha xayeysiiska si ay u geliyaan xayeysiiskooda kumanaan milyan oo mareego ah. Hadii aad taqaano sida uu u shaqeeyo xayaysiisyada intarneetka^(Internet) , waxaad ogaaneysaa in marka xayeysiinta la soo gudbiyo, ka dib markii la baaray, lagu soo riixo internetka^(Internet) halkaasoo ay ka muuqato mareegaha la xiriira ereyada muhiimka ah ee isticmaalayaashu ay qoraan nooc kasta oo macluumaad ah.

Dembiilayaasha internetka waxay isticmaalaan xayeysiis bandhig si ay u qaybiyaan malware. Waxyeellooyinka suurtagalka ah ee weerarka waxaa ka mid ah kood xaasidnimo ah oo ku qarsoon xayeysiis hal abuur leh (sida faylka swf), kuwa la fulin karo ee ku dhex jira bogga internetka, ama ku jira soo dejinta software. Dhammaan madbacadaha mareegaha iyo mareegaha ayaa ah bartilmaameedyada suurtagalka ah ee qorayaasha malware-ka ee isku dayaya inay faafiyaan software-kooda iyagoo ku dhex qarinaya kood xaasidnimo ah faylka SWF ( Flash ), faylka GIF ama bogga soo degaya.

Haddi xayaysiiye ama wakaalad ay ku siiso xayaysiis cudurka qaba, kombayutarkaaga, iyo macluumaadkaaga gaarka ah, iyo ta booqdayaasha boggaga, waxay la kulmi karaan waxyeelo halis ah. Shabakadda Google-ka Anti-Malvertising.com^{(Google’s Anti-Malvertising.com website)} waxa ay leedahay dhawr tibaax oo daabacayaasha xayaysiiska ah iyo milkiilayaasha mareegaha laga yaabaa inay rabaan inay eegaan^{(check out)} .

In kasta oo shabakadaha xayaysiisyada sumcadda leh ay ka baaraandegaan xayeysiisyada arrimaha muuqda, sida ereyada la mamnuucay, alaabada la mamnuucay, iwm., iyada oo aan si sax ah loo baarin koodka, khaladaadku way simbiriirixan karaan! Xaaladdan oo kale, shabakada xayeysiisku waxay malaayiin isticmaalayaasha ah gelisaa khatar iyagoo ku soo bandhigaya xayaysiisyada faafa ee mareegaha kala duwan. Waxaana weli jira shabakado kale oo xayeysiis ah oo laga yaabo inay xitaa iska indhatiraan xumaanta noocaas ah, iyagoo doonaya inay lacag fiican helaan.

Xaaladaha kale, dambiilayaasha waxay sheeganayaan inay matalaan machadyo dhab ah, waxay si toos ah ugu gudbiyaan xayeysiisyo nadiif ah mareegaha halkii ay ka ahaan lahaayeen shabakadaha xayeysiiska. Ka dib, waxay ku dhejiyaan kood xaasidnimo xayeysiis ah oo lagu soo dejiyo kombuyuutarrada isticmaalayaasha kuwaas oo gujinaya xayeysiisyada mareegaha. Muddo ka dib, marka la gaaro bartilmaameedka, dembiilayaasha ayaa ka saara xeerka. Xayeysiintu halkaas ayay ku sugnaanaysaa muddada heshiiska. Inta u dhaxaysa^(Between) lifaaqa iyo ka saarida koodhka, dambiilayaasha waxay helaan inay jabsadaan kombiyuutaro badan, sidaas darteed, macluumaad badan oo ku saabsan isticmaalayaasha internetka ee^(Internet) kala duwan ayaa gacantooda ku jira. Waxay u isticmaali karaan macluumaadkan ujeedo kasta oo ay rabaan.

Sida Looga Fogaado Waxyeelada

Taxadirku^(Precaution) waa furaha kaliya ee lagaga fogaanayo xumaanta. Xayeysiisyada xaasidnimada leh waxay ka soo muuqan karaan xitaa mareegaha caanka ah. Haddi xayaysiis kasta uu u muuqdo mid rajo leh, iska ilaali. Tusaale ahaan, soo baxayo sheegaya inaad tahay booqdaha 100aad oo lagu doortay abaal-marin – iska illow. Ka fogow wax kasta oo kuu ballan qaadaya sida lacag, hadiyado, kuubannada dhimista, iwm. bilaash. Mar haddii xayaysiisyada ka soo baxa mareegaha ay yihiin natiijada xayaysiiyayaasha shabakadaha, iyaga ayay ku xidhan tahay inay hubiyaan xayaysiisyada koodka xaasidnimada leh. Intooda badan waxay hubiyaan aflagaadada luqadda oo daabac xayeysiisyada. Maalmahan, shabakadaha caanka ah sida shabakadda Google AdSense waxay hubiyaan koodka oo dhan, laakiin weli waxaa jiray kiis naadir ah, halkaas oo xayaysiisyada xunxun ay soo galeen.

Waxa jira qaar ka mid ah aaladaha lagu ogaado khalkhalgelinta daruuriga ah ee daruuriga ku salaysan iyo xalalka, kuwaas oo bixiya aragti ku saabsan iyo xakamaynta badbaadada xayaysiisyada khadka ee loogu adeego mareegaha. Daabacayaasha waaweyn ayaa laga yaabaa inay rabaan inay hubiyaan doorashadan. Isticmaale ahaan, hubi inaad haysato software ammaan oo wanaagsan oo baro caadooyinka wax baadhista oo badbaado leh. Xusuusnow inaad ilaaliso nidaamkaaga hawlgalka iyo software-kaaga rakiban, oo ay ku jiraan browser-yada, had iyo jeer la cusboonaysiiyo.

Tusaalooyinka dhow ee Malvertising

^(Certain)Xayeysiisyada qaarkood ee DeviantART.com waxay u weeciyeen isticmaaleyaasha bogga Shabakadda Rakibaha ugu Wanaagsan si loogu rakibo Codsiyada suurtagalka ah ee aan la rabin isticmaalayaasha aan shaki lahayn. ^{(Optimum Installer)}Hackers-ku waxay wax u dhimeen Shabakadda Xayeysiiska ee Clicksor^{(Clicksor Ad Network)} si ay u qaybiyaan malware. Qalabka ' Blackhole Exploit^{(Blackhole Exploit)} ' waxaa lagu qaybinayey shabakadda Clicksor Ad Network^{(Clicksor Ad Network)} iyo kuwa kale. Kiis kale oo aad u dhow, ka faa'iidaysiga Java ayaa lagu adeegi jiray xayeysiisyada Java.com , ayaa sheegay Fox IT.com .

Infographic Tani waxay tusinaysaa sida Malvertising ^{(Infographic)}u^{(Malvertising)} shaqeyso.

Haddaba waxaa muhiim ah in madbacadaha ay adeegsadaan oo keliya shabakadaha xayeysiiska ah iyo kuwa isweydaarsada kuwaas oo leh habab baaris oo xooggan kuwaas oo qaadaya tallaabo degdeg ah, marka la helo dhacdooyinka Malvertisements, si looga hortago faafitaanka malware-ka ee nidaamyadooda, iyo sidoo kale xakameynaya waxyeelada waxaa sababi kara.

Baakadaha xun^(Bad) , nugul iyo kuwa aan sugnayn inta badan waa la dhimaa. Markaa sidii aan horeba u soo sheegay, iska hubi inaad haysato software ammaan oo wanaagsan oo bar caadooyinka wax baadhista oo badbaado leh. Xusuusnow inaad ilaaliso nidaamkaaga hawlgalka iyo software-kaaga rakiban, oo ay ku jiraan browser-yada, had iyo jeer la cusboonaysiiyo.

Stay safe!

Malvertising attacks: Definition, examples, protection, security

Thеre are many methods being used to compromise υsers of the Intеrnet so that their infоrmation can be obtained by cyber-criminals. Once a computer is compromised, the cyber-criminals can υse the user’s data for anything they want. Such events may even result in Identity Theft, where cyber-criminals use your identity for taking loans, etc. and leave you in a mess. Among the many newer methods of compromising a computer is –  Malvertising. Let us take a look at what is malvertising and how to stay safe by avoiding it.

What is Malvertising

Malvertising or Maladvertising contains two words: Malicious + Advertising. This is not just about malicious misleading advertisements that lure users to Phishing websites. Malvertising is about compromising your computer, by downloading a short malicious code on to it, when you hover on or click on an advertisement. Some adverts will even download malicious code to your computer, while the website is still loading in the background. In such cases, by simply visiting a website, users can get infected via Drive-by-downloads.

Cybercriminals are using advertisements as a means to hack into your computers. Since these advertisements look genuine, users click on them expecting to be taken to a website, where they can get more information about the advert. However, instead of being redirected, the click action triggers a download of a small but malicious code to users’ computers. In fact, the infection can even take place silently in the background, even as the ad is being loaded by the browser. Since the ad networks serving these ads are pretty huge, it is nearly impossible to identify the person or organization behind the malicious advertisement. Many popular websites too end up unknowingly serving such adverts without any harmful intent, as they do not know that the adverts are malicious.

How Does Malvertising Work

One does not need to hack a website to place malicious advertisements on that website. Instead, criminals use advertising networks to insert their advertisements on thousands of millions of websites. If you know how advertising on the Internet works, you know that once an ad is submitted, after scrutiny, it is pushed into the Internet where it appears on websites related to the keywords typed by users for any kind of information.

Cyber-criminals use display advertising to distribute malware. Possible vectors of attack include malicious code hidden within an ad creative (such as a swf file), executables embedded on a webpage, or bundled within software downloads. All web publishers and websites are potential targets for malware authors attempting to spread their software by hiding malicious code within an ad’s SWF (Flash) file, GIF file or landing page.

If an advertiser or agency provides you with an infected ad, your computer, and personal information, and that of your site’s visitors, can be exposed to serious harm. Google’s Anti-Malvertising.com website has a few tips ad publishers and website owners may want to check out.

Although reputed advertising networks do scrutinize the ads for the obvious factors, like banned words, prohibited products, etc., without proper scrutiny of the code, malvertisements can slip through! In such a scenario, the ad network places millions of users at risk by displaying infectious advertisements on various websites. And there are yet other ad networks who may even ignore such malvertising, for the lure of good money.

In other cases, criminals claim to represent genuine institutions, submit clean adverts directly to the websites instead of ad networks. Later, they attach malicious code to the advert that is downloaded to computers of users who click on the adverts on websites. After a while, when the target is met, the criminals remove the code. The advert stays there for the contract period. Between attaching and removing the code, the criminals get to hack plenty of computers, and thus, much information about different Internet users is at their hands. They can use this information for any purpose they like.

How To Avoid Malvertising

Precaution is the only key to avoid malvertising. Malicious ads can appear even on reputed websites. If any ad looks overtly promising, simply avoid them. For example, popups saying you are the 100th visitor and are chosen for a prize – ignore it. Avoid anything that promises you the likes of money, gifts, discount coupons, etc. for free. Since the advertisements that appear on the websites are the result of network advertisers, it is up to them to check the advertisements for malicious codes. Most of them just check the language profanity and publish the ads. These days, most reputed networks like the Google AdSense network check the entire code, but there has still been the rare case, where malicious advertisements have crept in.

There are some cloud-based malvertising detection platforms and solutions, which deliver insight about and control over the safety of online ads being served on the websites. Large publishers may want to check this option out. As a user, make sure you have a good security software and inculcate safe browsing habits. And remember to keep your operating system and your installed software, including browser plugins, always updated.

Some recent examples of Malvertising

Certain ads on DeviantART.com were redirecting users to the Optimum Installer web page in order to install Potentially Unwanted Applications on unsuspecting users. Hackers had compromised Clicksor Ad Network to distribute malware. Blackhole Exploit kits were being distributed via the Clicksor Ad Network and others. In yet another very recent case, Java exploits were being served via advertisements on Java.com, reported Fox IT.com.

Infographic This Infographic shows how Malvertising works.

It is therefore important that publishers use only such advertising networks and exchanges that have strong screening methods and who take immediate action, once instances of Malvertisements are found, in order to prevent the spread of malware within their systems, as well as contain the damage which may be caused.

Bad, vulnerable and insecure plugins often get compromised. So as I mentioned earlier, make sure you have a good security software and inculcate safe browsing habits. And remember to keep your operating system and your installed software, including browser plugins, always updated.

Stay safe!

Related posts

• Sidee Looga Fogaadaa Khayaanada Khiyaamada iyo Weerarada?

• Waa maxay Gelitaanka Fog ee Trojan? Kahortagga, Ogaanshaha & Ka saarida

• Ka saar fayraska USB Flash Drive adoo isticmaalaya Command Prompt ama Faylka Dufcada

• Rogue Security Software ama Scareware: Sida loo hubiyo, looga hortago, looga saaro?

• Waa maxay Win32:BogEnt iyo sida loo saaro?

• 3 da siyaabood oo looga takhaluso Virus-yada, Spyware iyo Malware

• Sida looga saaro Chromium Virus ka Windows 11/10

• Soo-gudbinta Malware: Halkee loo gudbiyaa faylasha malware-ka Microsoft iyo kuwa kale?

• Aaladaha Maamulka Fog: Khataraha, Hanjabaadaha, Kahortagga

• Barnaamijyada ama Codsiyada aan la rabin ee suurtogalka ah; Iska ilaali inaad ku rakibto PUP/PUA

• Ka ilaali Drive-by soo dejinta iyo weerarrada malware-ka ee la xidhiidha

• Weerarada Nuglaanta Afduubka DLL, Kahortagga & Ogaanshaha

• Afduubka Browser-ka iyo Aaladaha Ciribtirka Af-duubaha Biraawsarkaaga

• Waa maxay Rootkit? Sidee buu u shaqeeyaa Rootkits? Rootkits ayaa sharaxay.

• Crystal Security waa aaladda ogaanshaha Malware ee ku saleysan Cloud ee bilaashka ah ee PC

• IObit Malware Fighter Dib u eegis iyo soo dejin bilaash ah

• Sida looga saaro fayraska Windows 11/10; Hagaha ka saarida Malware

• Weerarada Malware-ka aan fileyn, Ilaalinta iyo Ogaanshaha

• Waa maxay dambiyada internetka? Sidee wax looga qabtaa?

• Sida loo isticmaalo Malwarebytes Anti-Malware si meesha looga saaro Malware