The number of advertisements designed to deliver malware has tripled in the last year, a new report from security company Cyphort reveals. And it seems like newly exploited security holes in the Adobe Flash plug-in are likely responible.
Advertising malware is typically delivered via third-party ad networks. A hacker will purchase space and upload an innocent-seeming advertisement, intending it to be served on multiple websites. But when someone clicks the ad or hovers over it, the hacker uses security vulnerabilities in Adobe Flash to install malware on your machine. It’s a nasty trick, and it often triggers through no fault of your own.
To measure the problem of advertising-delivered malware, Cyphort visited the 100,000 most-visited domains on the net and counted how many served up infected advertisments. This February, 407 (0.4%) of these domains were serving up malicious ads via Flash. In one case, researchers discovered malware being delivered via the Yahoo ad network; in another, infected ads were found on popular dating site PlentyOfFish.com.
The best way to stay protected against this malware threat is to turn off Adobe Flash on your computer. Flash has been disabled for Mozilla Firefox since July – part of why the security-minded Firefox browser is our top pick. You can disable Flash in Chrome by typing “chrome://plugins” (without the quotes) into the address bar and then click Disable under Adobe Flash Player. To disable Flash in Safari, choose the Safari menu option, then choose Preferences. Under the Security tab, you want to click the “Website Settings …” button next to Internet plug-ins. Choose Adobe Flash Player in the left hand menu, and then set the “When visiting other websites:” dropdown to Block.
Choosing to block Flash may cause some websites to be inaccessible. Still, most sites support HTML 5 as an alternative to Flash, and all modern browsers support HTML 5. You can also re-enable Flash if you later need to visit a specific page.
For more information on how to keep protected while using your PC, check out Techlicious’s computer safety and support roundup page. You might also want to take a look at the top safety practices of computer security experts, as revealed by a recent Google report.
[Image credit: Apple Safari]