Google takes action against ad injectors after 300K complaints from Chrome users

Status
Not open for further replies.

Exterminator

Community Manager
Thread author
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
According to a new blog post, Google has decided to fight unwanted and potentially malicious ads that appear on legitimate websites. After receiving nearly 300,000 complaints from users of its Chrome web browser, Google is adding automated filters to DoubleClick Bid Manager to create blacklists. Google owns the DoubleClick technology used by advertisers to manage digital ad campaigns on behalf of websites.

Google gives the example of The New York Times, whose website was showing ads the publisher didn’t know about. Ad injectors were hijacking legitimate ads and replacing the ones that were originally intended to run on the website. Below is an example of what some New York Times readers saw:

The unwanted ads sometimes contain malicious code presented through Chrome. If the user clicked the wrong button, they could run harmful code.

Advertisers often don’t know their ads are being injected, which means they don’t have any idea where their ads are running… and more importantly, they unknowingly may be putting their visitors in harm’s way, via spam or malware in the injected ads.

The result of Google’s action is a blacklisting of 1.4% of the ad inventory managed through DoubleClick Bid Manager. But the company found that the percentage of injected ads varied wildly across different ad exchanges, with one having over 15% of its ads blocked by Google’s new filter.



Google acknowledges the chaotic nature of the online ad business, noting the “… tangle of different businesses involved—knowingly, or unknowingly—in the ad injector ecosystem.” That “tangle” once included the largest PC maker in the world, Lenovo.

Google specifically notes the recent “Superfish” scandal whereby Lenovo secretly installed adware on its new PCs. The software enabled the injection of unwanted ads that left users potentially vulnerable to so-called man in the middle attacks, whereby https traffic is hijacked.

In their blog post, Google only outlines the measures the company is taking on the advertising side, without addressing what Chrome users can do to protect themselves. Even though the company sits on both sides of the ad equation (managing the ads and providing the web browser), it isn’t surprising that Google doesn’t talk about ad-blocking extensions available in Chrome’s web store. After all, the company earns the vast majority of its revenue selling online ads.

Source & Images: Google
 

Solarquest

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
It's incredible that it took do much time!
..apparently to get something done citizens need to cry loud...and together...still don't understand why it takes so long to patch Android, device's firmware (bios, hd, et )!!!
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top