Malware Peekaboo: It’s a Short Road to Become Infected
December 21, 2015
by Chemi Katz
Client-side injected malware has been playing “peekaboo” with enterprises in the last couple of years. Some companies are aware of it, especially due to customers complaining about “weird” ads and a faulted customer journey. But for most enterprises client-side injected malware is completely invisible.
The reason is very simple: client-side injected malware (CSIM) is undetectable to server-side security shields. It has nothing to do with companies’ servers or infrastructure. CSIM resides solely on the end-users’ devices, both and mobile.
Users can easily become infected with CSIM by downloading various kinds of software and browser extensions that may seem legit, but really include hidden malware and spyware. This can be found in everyday browser extensions, plugins, toolbars and even malvertising – ads that are officially authorized but include malicious components that infect users. Software vulnerabilities include phishing emails and daily-used applications that were temporarily hacked to infect users with malware.
40%-60% of CSIM attacks are on mobile devices, which have not been able to escape “Malware Peekaboo”. Somewhat like web infections, mobile infections can originate in free mobile apps (all those free flashlight apps need to make money in some way or another), re-packaged apps and even pre-installed apps.
But, even “clean” devices can easily get infected. Hackers often leverage router hijacking to unnoticeably infect desktop and mobile devices. Cellular networks are not free of malware and at times are subject to hacking attacks that can cause users to become infected with malware that will last much longer than the specific hack.
Though infection occurs on the client-side, the users are not protected by anti-viruses that are not designed to deal with client-side injected malware. So practically, CSIM easily hides from both client-side protection layers and server-side protection layers.
Despite the fact CSIM infection occurs on the client-side, the main impact is directly on businesses and the integrity of their digital assets. Once infected with CSIM, your visitors will experience your site completely different from the way it was designed. CSIM injects unwanted ads, disrupting visitors’ experience, taking away their attention and subsequently luring them away. Invisible spyware poses a significant threat to users’ private and sensitive data.
Fortunately, there’s Namogoo. With a simple and quick integration, Namogoo gives your website enterprise-grade protection against CSIM. Our machine learning algorithms go to work spotting and preventing CSIM attacks as they happen. The end result? Everything works just as it should. The only evidence you’ll see is in your Namogoo dashboard where we show you the threats that have been stopped and keep you up to date with all of the information that we’ve gathered.