Posted on August 9, 2021 at 5:47 PM
Global cybersecurity firm GeoEdge stated that it has discovered a wide-scale malvertising campaign that targets home-network-based IoT devices.
The company said it collaborate with AdTech partners Verve Group and InMobi for the research, which identified the attack vectors and the location of the threat actors.
According to the finding, the threat actors were located in Ukraine and Slovenia. GeoEdge has been monitoring the activities of the threat actors since June 2021, when the investigation began.
The firm disclosed that the distributed attack is the first that utilized online advertising to install apps quickly on IoT devices connected to home Wi-Fi.
The attackers do not need sophisticated tools
Based on the analysis of IoT devices, there will be over 30 billion IoT devices that will be connected to the internet by 2025. As a result, both industrial and home IoT devices will be more vulnerable as more threat actors target them.
GeoEdge said its advanced malware detection abilities enabled it to discover these online ads that are targeting IoT devices.
The company’s Chief Executive Officer, Amnon Siev, commented about the recent malvertising activity.
“[…] We exposed the origin, infrastructure and global scale of these attacks,” He stated, adding that the exposure was possible with the partnership between Verve and Inmobi.
He added that the detection was possible because of a deep understanding of the threat landscape. As a result, a new standard for user protection has been created.
The advertising networks are not aware of the malicious activities
As the name implies, Malvertising is the type of malicious activity that involves injecting malicious codes into systems through online advertising platforms.
In most cases, the advertising networks are not aware their networks are being used to serve malicious codes. The most dangerous thing about the attack is the fact that users can easily become victims. The targeted users do not need to click on the ads to trigger that attack on home network devices.
As both large and small companies use digital advertising to gain a greater share of the market, it also presents some security challenges. Even when the systems are secured, there is a potential leak through these advertisers. As a result, GeoEdge has advised that organizations require a high-security check to quickly identify these security risks and prevent them.
InMobi also noted that the partnership between the parties has enhanced user protection throughout the advertising networks. It says the company’s real-time protection enables safe ads delivery to its global partners. As a result, it maintains user trust and maintains quality.
The attack can have a serious impact on devices
According to the research result, the broad IoT attack has a huge impact on their targets. These include the ability to download apps and manipulate IoT devices without the user’s knowledge. The worst part of that the user might not realize there is malware in their devices.
The threat actors also can temper with home systems like surveillance cameras and smart locks.
GeoEdge has recommended the methods to deploy when blocking such attacks. According to the firm, the only way is to continuously block infected ads in real-time because firewalls and antivirus apps will not be enough. But the real-time block of the ads will block them from being transmitted to the users.
Vice President of Engineering at Verve Group, Pieter de Zwart, stated that the company is doing a lot to combat the new cybersecurity risks on ad advertising.
The firm admitted that the ad security landscape has evolved over the years as organizations work to maintain a transparent ecosystem. These days innovative solutions are required to combat new cybersecurity risks.
Zwart reiterated that the company is committed to providing a safe advertising experience and will be collaborating with top industry players to offer more ad advertising security.