Bad ads: Publishers look to stop malvertising for good

110118Portswigger.jpg

Advertisement fraud can take many forms – from hidden malware in banner ads and click jacking to CPU-sapping cryptominers that slow devices down to a crawl.

A study by the Association of National Advertisers (ANA) found that $6.5 billion was lost to ad fraud in 2017, a figure that is expected to rise this year.

The report also found that 22% of desktop video adverts were fraudulent, cementing the delivery channel’s reputation as a “key target” for fraudsters.

In January, Trend Micro researchers detailed how Google’s DoubleClick ads had been hijacked by Coinhive JavaScript to secretly mine for Monero.

As a result, up to 80% of the CPU resources on the users’ devices were being drained.

Google quickly removed the offensive adverts and banned the actors in question.

But the consequences don’t just stretch to the user who, in the worst-case scenario, can be left with an infected machine – website owners are also missing out on much-needed funds.

Media publisher Forbes often forces visitors to switch off their ad blockers by obscuring popular articles until permission is granted for adverts to be displayed.

This is a fairly common and reasonable request, especially during a time in which newspaper sales are decreasing rapidly year on year.

But in 2016, droves of Forbes visitors were stung when they were served with pop-under malware after disabling their ad blocking tools to view the annual ‘30 Under 30’ list.

“If you apply something like an ad blocker you’re depriving the publisher of the revenue from the traffic,” Maggie Louie, CEO of cybersecurity vendor Devcon, told The Daily Swig. READ MORE

Christina BrownPress