GeoEdge detects malvertising attack on smart home IoT devices, says antivirus apps and firewall not enough


A global-scale malvertising attack, the first ad-based cybercrime that targets home-network based IoT devices, has been uncovered by global cybersecurity company GeoEdge.

GeoEdge’s security researchers identified both the attack vector as well its origins in Slovenia and Ukraine in cooperation with the company’s AdTech partners InMobi and Verve Group.

GeoEdge says its security research team has been investigating the malvertising attack on smart home IoT devices since mid-June 2021.

The widely distributed attack vector is the first to use online advertising to silently install itself on apps on home-WiFi-connected IoT devices, and only requires that hackers possess a basic understanding of device API documentation, some JavaScript knowledge, and online advertising skills.




Market research firm IoT Analytics forecasts more than 30 billion IoT device connections worldwide by 2025. The sheer number of devices makes them attractive to malvertisers, and hackers can exploit them.

“GeoEdge’s patented behavioural code analysis technology and advanced malware detection capabilities detected these online ads covertly injecting malware into smart-home IoT devices,” explains GeoEdge CEO Amnon Siev. “We were able to expose the origin, infrastructure, and global scale of these attacks. This joint mission is built on trust and a deep understanding of the threat landscape which has enabled us to create a new standard for user protection.”

“Malvertising,” or malicious advertising, spreads malware through the injection of malicious code into online display ads via online advertising networks, which can potentially risk infection.

Advertising networks are generally unaware they are serving malicious content.

According to GeoEdge, users targeted with the attack aren’t even required to click on the infected ad or navigate to a malicious page to initiate the attack on home network devices.

“It is critical that we have the checks and balances to identify and contain potential malicious threats before they can infect users’ devices,” explains InMobi senior vice president and general manager, publisher platform and exchange Kunal Nagpal.

Nagpal says InMobi’s collaboration with GeoEdge enhances user protection across advertising networks through real-time protection, and ensures delivery of safe ads to partners.

According to GeoEdge’s research, the IoT attack has the ability to manipulate IoT devices, download apps without users’ content, and risks theft of personal information and monetary instruments, as well as tampering with home systems such as smart locks and surveillance cameras.

GeoEdge notes antivirus apps and even firewalls are not sufficient, making it necessary to continuously block infected ads in real-time to prevent them from being rendered and presented to users.

Verve Group vice president of engineering Pieter de Zwart says that as the ad security landscape evolves, new cybersecurity risks require solutions.

He concludes that GeoEdge is committed to ensuring a safe advertising experience. “Partnering with key industry players enables us to fulfil that mission.”

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.


ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


SEE WHAT’S ON ITWIRE TV NOW!



Source link

Leave a Comment

Your email address will not be published. Required fields are marked *