Cyber criminals today are using a new and dangerous form of obfuscated malvertising attacks. These attacks are launched by malvertisers abusing WebRTC protocols, an open framework that provides browsers and mobile applications with Real-Time Communications (RTC) capabilities via simple APIs that allow platforms to communicate via a common set of protocols.
Using a vulnerability in WebRTC, cyber criminals are able to insert malicious ads into real-time programmatic ad bidding platforms, negatively impacting the experience of users who see the ads, as well as the publishers/app developers who run the ads.
This new form of malvertising can’t be blacklisted because the attackers do not use domains or servers that can be blacklisted. They abuse legitimate scripts that belong to well-known benign entities - such as Google and Microsoft.
In this guide, you’ll learn:
- How and why malvertisers are abusing WebRTC protocols.
- The key components for dealing with obfuscated attacks.
- How to build an effective security plan for your company to protect your users against this new form of attacks.