Malvertisers use digital fingerprints

Malvertisers use digital fingerprints

If you’ve ever owned a PC, odds are pretty good that at some point you’ve been a victim of malvertising. This is when you visit a website, and it installs a program onto your computer. Often, this happens without the user being aware of it. As many of us have experienced, these programs can pile onto each other, sometimes requiring a full system reset to get the computer functioning properly again.

 

For a very long time, malvertising existed in a simple way: install the program onto the victim’s computer. But as computer security has improved, this malicious process has evolved. Now, many malware carriers will “fingerprint” visiting computers. This doesn’t mean the user’s biological prints, but rather the makeup of the visiting computer.

 

Jerome Segura, a senior security researcher at Malwarebytes explained, “There are certain folder names and file names that threat actors are looking for that indicate the presence of antivirus software, a virtual machine and other things.” Digital fingerprinting makes this process more sophisticated. “Rather than redirecting you to a malware site, the ad fingerprints your machine to verify if you're a legitimate user or a security researcher or honeypot that should be avoided. That's the main reason behind it. It's not to infect more people. It's to avoid being discovered and to have malicious campaigns last longer.”

 

Hopefully, software that protects against these types of attempts will continue to evolve, so they can better respond to these advances in malware technology. Many malware programs will turn into “ransomware” when installed, demanding a payment to restore the computer back to being operational. It’s a very exploitative industry that needs to be stopped, and security programs must stay ahead of their strategies.