You should never click on a web ad, instead, go to the destination directly. Why? It’s called Malvertising, or malicious advertising. This might be an attack vector that you may not have thought of, and it can affect PCs as well as mobile devices.
Advertising services contract and by space on popular web pages and social media platforms. This is why the advertisements you see on web pages change, or are customized to your search history.
BUT
Over the past year we have seen over 120 different ad servers compromised and malicious advertisements injected to be served to unsuspecting visitors.
From the following article https://thehackernews.com/2021/04/120-compromised-ad-servers-target.html :
Unlike other operators who set about their task by infiltrating the ad-tech ecosystem using “convincing personas” to buy space on legitimate websites for running the malicious ads, Tag Barnakle is “able to bypass this initial hurdle completely by going straight for the jugular — mass compromise of ad serving infrastructure,” said Confiant security researcher Eliya Stein in a Monday write-up.
The development follows a year after the Tag Barnakle actor was found to have compromised nearly 60 ad servers in April 2020, with the infections primarily targeting an open-source advertising server called Revive.
The latest slew of attacks is no different, although the adversaries appear to have upgraded their tools to target mobile devices as well. “Tag Barnakle is now pushing mobile targeted campaigns, whereas last year they were happy to take on desktop traffic,” Stein said.
Daniel Weatherly
Director of Security Services
Mainstream Technologies Inc.
501-801-6706
