61% of malicious ads target Windows users

Most malvertising campaigns (malicious ads) target Windows users, according to statistics shared last week by cyber-security firm Devcon.

The company said that based on data gathered by its internal tools, 61% of the malicious ads they’ve observed from between July 11 and November 22, 2019 were aimed at Windows users.

This included malicious ad campaigns “designed to redirect the user to malicious sites or to trick the user into downloading a piece of malware.”

Devcon said the reason for this was simple, and could be attributed to Windows’ huge OS market share, which is no surprise, since most malware in the past 30 years has targeted Windows devices.

However, the company’s malvertising stats also came with a surprising discovery, revealing that malvertising campaigns over the past four months have targeted ChromeOS in surprising numbers.

Devcon said 22% of the malicious ads they observed targeted Google’s fledgling OS, more than macOS (10.5%), iOS (3.2%), Android (2.1%), and iPadOS (0.8%).

The least targeted, Devcon said, was Linux, which accounted only for 0.3% of all malicious ads the company recorded, which is no surprise, since most Linux systems are used as servers.

Most malicious ads tracked back to three ad networks

A different report, also published last week, but by ad security firm Confiant, looked at the entire ecosystem, and the source of these malicious ads.

Confiant said it analyzed more than 120 billion ad impressions published in Q3 2019 (from July 1 to September 30, 2019) via 75 advertising networks (called SSPs, or supply-side platforms).

The company, said that at one point or another, every ad platform will have its platform abused by malvertisers every quarter.

However, while some ad network fight against abuse and have security measures in place, some platforms seem to tolerate malvertisers on a regular basis.

Confiant said it found that nearly 60% of all the malicious ads it recorded in Q3 2019 came from just three ad platforms alone.

“Most alarmingly, a single SSP was responsible for 30% of malicious ad impressions,” Confiant said.

The company didn’t name the three ad platforms, but it did say that a SSP should be able to detect an ongoing malvertising attack performed via its platforms, as these tend to be quite noisy and have even been seen to swallow up to 13.84% of a platform’s entire ad impressions.