The Intricate Web of Ad Injection

Google’s Online Security researchers have recently conducted a study together with the University of California, Berkeley and Santa Barbara to examine the often confusing and dangerous web of ad injection systems. Even though there was never a doubt that adware developers, distributors, and parties associated with them are well-established in the virtual world, the findings of this study are truly astounding. For one, it was found that a shocking 5.5% of IPs connecting to Google sites were presented with injected ads. Note that injected ads are controlled by software installed onto operating systems, and they should not be confused with online advertising services, such as Google AdWords. So, how dangerous is the activity of adware, or advertisement-supported software/ad injectors?

How does ad injection work?

Most advertisement-supported programs are presented in a way to allure computer users, because it is up to them to install ad injection tools. Unfortunately, in many cases, adware is installed silently bundled with other, more attractive programs. The study conducted by Google has shown that there are more than 50,000 browser extensions and at least 34,000 applications that can be identified as ad injecting software. Sadly, more that 30% of this software is considered to be malicious, and it can be extremely dangerous to your virtual security. Needless to say, computer users would not download malicious programs themselves, which is where third-party installers come into play. According to recent research, misleading social engineering scams and software bundling are amongst the most popular methods of adware distribution, and Crossrider, Netcrawl, and Shopper Pro are by far the most infamous adware distributors. These companies are paid money to spread adware, which is why it is not at all surprising that they keep finding new and more efficient ways to introduce users to ad injection software.

Adware developers and distributors have important tasks, but they would not succeed if it weren’t for the so-called ad injection libraries. Adware creators and parties using adware rely on remote adware servers to inject ads on the target websites. The researchers at Google have found 25 companies that are responsible for creating these infection libraries, including Superfish and Jollywallet. These companies allow the communication between different parties, and they act as glue in the ad injection network. Needless to say, these companies also earn money, which means there is plenty of motivation to operate in a clandestine, non-transparent manner. Of course, we should not forget about the last player in the ad injection word –advertisers. Amazon, eBay, Target, Walmart, and other popular shopping websites are the prime targets of unreliable advertisers as these websites are most popular amongst users. While these advertisers gain nothing from ad injection, they accidentally pay for traffic that enables it, which means that they play an important role.

How to stop ad injection

The first thing that you need to do if you want to stop ad injection is to protect your operating system with trustworthy anti-malware software. Next, you need to make sure that you use secure web browsers. For example, Google Chrome has been upgraded to flag potentially malicious software when users attempt to install it. Google has implemented the new Safe Browsing API to protect the users of Chrome, Firefox, and Safari browsers. There is no doubt that this system works as the number of warnings received after clicking AdWords (in Chrome) has already dropped by 95%. All in all, the protection of your virtual security is in your hands, and your own actions are the most important. If you install reliable security software, use reliable web browsing tools, and do not let in malicious ad injection software, there is no doubt that your virtual identity will not be jeopardized.

Leave a Comment

Enter the numbers in the box to the right *