Malvertising -- It's Not Just on Websites Anymore
If I had to make an educated guess, I would pick the smartphone and similar mobile devices to be the most talked about security issue, at least for the beginning of next year. More people are using them for business purposes, as well as blurring the line between business and personal use. And that means, of course, the bad guys are finding more ways to hack into mobile devices and steal data.
One of those ways that we'll likely see more of in 2011, according to Zscaler, is malvertising geared specifically for smartphones and tablets.
Malvertising isn't a new problem. It's a well-known technique, whereby attackers lease advertising space on popular websites in order to facilitate an attack. Sometimes the ads are there to lure users to a malicious secondary site; sometimes it involves a browser-based vulnerability to deliver a malicious file. Whatever the case, it has traditionally involved only websites. The truth is, this type of malvertising is also on the rise and an issue that businesses need to be increasingly be aware of.
But Zscaler also pointed out:
However, mobile ad platforms such as iAd (Apple) and AdMob (Google) are emerging as powerful players in an effort to control mobile advertising on tablets and smartphones. Don't expect attackers to ignore this powerful ability to reach out to an entirely new set of potential victims.