Thursday 25 September 10:00 - 10:30, Red room.Rahul Kashyap BromiumVadim Kotov Bromium This paper is available online (HTML, PDF). download slides (PDF) The significant part of the web economy is web advertising. Banner networks are presented on the majority of popular websites such as YouTube, Facebook, New York Times etc. In other words, by visiting a website we implicitly allow a number of third-party JavaScript and Flash programs to execute in our browsers and this brings up some huge security concerns. In this research we address the problem of leveraging ad networks to spread malicious programs, also known as malvertising. Yes, it's 2014, and our investigation determines that this abuse is still rampant. It puts a significantly large population at risk. In this talk we start with the live capture of malware that we uncovered on YouTube. We then talk about the possibilities and perils that lie ahead. Our goals are to determine how web advertising could be exploited to spread malware, the chances of malicious banners being detected by security crawlers, and how malicious banners can bypass anti-malware checks and stay undetected. We try to estimate how vulnerable the somewhat 'opaque' ad-networking industry is, and what countermeasures could be applied to lower the severity of the threats it poses.