Clickjacking, ransomware and the circle of trust in banner ad networks - can Optimal save us?

Malwarebytes has published two worrying articles about banner ad malware recently. First, they found a malvertising campaign via pop-under ads that sent users CryptoWall 4. The PopAds network was spreading the Magnitude exploit kit and ransomware, which will infect your system and take your computer files hostage. Once your computer is infected you'll see the dreaded CryptoWall ransom window, ordering you to pay money in order to regain access to your own documents. This ransomware was spread via pop-under ads mainly placed on adult and video streaming sites. One of the ways to avoid the infection is to uninstall Flash, but also take care and surf the web with Ad Block or other ad blockers, and consider additional security such as an anti-exploit kit or internet security program.

The other worrying article was this one about a clickjacking campaign. The campaign is designed to mimic the EU-regulated "cookie alert" on any given website; the clickjackers aren't loading your browser with malware, but instead 'stealing' your human-created click. Because the ad is served in an iframe with opacity zero, you won't see it. Instead you'll read the usual EU-regulated alert about 'this site has cookies', and a button to click OK. When you click the OK button, you're clicking the banner ad that you don't see, thus loading the advertiser’s website. This costs both advertisers and ad networks money, while sneaky websites collect the money by tricking you into this click. Now you know what "clickjacking" means.
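As an added example (not code from Malwarebytes or from this article), here is one way a publisher or ad network could audit a page for the pattern described above: a clickable control whose click point is covered by an iframe that is effectively invisible. The 0.1 opacity threshold, the function names and the sample geometry are assumptions, and the check goes slightly beyond the article by also counting opacity inherited from wrapper elements.

```javascript
// Added example. Assumption: effective opacity below 0.1 counts as hidden.
const HIDDEN_OPACITY = 0.1;

// Pure check: which controls have their click point covered by a hidden frame
// that still receives pointer events? Stacking order is not modelled, so treat
// a finding as a candidate and confirm it with document.elementFromPoint().
function findHijackedControls(controls, frames) {
  const findings = [];
  for (const c of controls) {
    const x = c.rect.left + c.rect.width / 2;   // where a user would click
    const y = c.rect.top + c.rect.height / 2;
    for (const f of frames) {
      const covers = x >= f.rect.left && x <= f.rect.left + f.rect.width &&
                     y >= f.rect.top && y <= f.rect.top + f.rect.height;
      if (covers && f.opacity < HIDDEN_OPACITY && f.pointerEvents !== 'none') {
        findings.push({ control: c.label, frame: f.src, opacity: f.opacity });
      }
    }
  }
  return findings;
}

// Browser-only: opacity multiplies down the tree, so a wrapper at opacity 0
// hides an iframe whose own computed style still says opacity 1.
function effectiveOpacity(el) {
  let o = 1;
  for (let n = el; n && n.nodeType === 1; n = n.parentElement) {
    o *= parseFloat(getComputedStyle(n).opacity);
  }
  return o;
}

// Browser-only collector: run from the top-level page, e.g. auditPage(document).
function auditPage(doc) {
  const box = (el) => el.getBoundingClientRect();
  const controls = [...doc.querySelectorAll('button, a, input[type=button], input[type=submit]')]
    .map((el) => ({ label: el.textContent.trim() || el.value || '', rect: box(el) }));
  const frames = [...doc.querySelectorAll('iframe')].map((el) => ({
    src: el.src, rect: box(el), opacity: effectiveOpacity(el),
    pointerEvents: getComputedStyle(el).pointerEvents,
  }));
  return findHijackedControls(controls, frames);
}

// Constructed sample geometry (not taken from the reported campaign).
const sampleControls = [{ label: 'OK', rect: { left: 400, top: 500, width: 80, height: 30 } }];
const sampleFrames = [
  { src: 'https://ads.example/slot', rect: { left: 300, top: 450, width: 300, height: 250 }, opacity: 0, pointerEvents: 'auto' },
  { src: 'https://video.example/embed', rect: { left: 0, top: 0, width: 640, height: 360 }, opacity: 1, pointerEvents: 'auto' },
];
console.log(findHijackedControls(sampleControls, sampleFrames));
```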

It's not just publishers that are victims when malware, clickjacking and ransomware seep into the banner ads on a website. When Forbes served you malware just like the Economist did earlier, their reputation and brand suffered. But ad networks, and analytics networks as in the case with the Economist, are also victims, as the malware, ransomware and clickjacking are siphoning money from them and ruining their networks' reputation. I've been saying that ad networks should have invested in security a long time ago, as publishers lend their trust to the ad networks when they use them for media. The problem is that the circle of trust is too big: we might trust our ad network partners, but the ad networks trust many more. Even Google AdSense isn't immune to bait-and-switch banner buys, and Google's DoubleClick distributed malware after some domain name shenanigans in 2010. At this point, it's not just publishers that have tons of third-party ads and JavaScript in their sites, the ad networks do too. Ad networks need to clean up their act as much as publishers need to look at how many third-party snippets of code they have buried in their websites. It's not just ads, analytics and tracking that publishers embed, but also third-party video, audio, images, social network tweets, Instagrams, and so on. For every embed, we're widening that circle of trust once more.

With publishers panicking as blocking is now available on every device and OS, new ideas for how to generate revenue for publishers are sorely needed. Optimal.com has an interesting idea for a solution: their users pay a fee to block ads, and Optimal will then split that fee with the publishers that user visits. Sign up at Optimal.com as consumer or publisher if you're interested in this not yet launched system. Users will even be able to see where every cent of their money goes in a dashboard at the end of the month. It's a new twist on the micropayment + Flattr idea, an "ethical" ad blocking service.

"Over time publishers might come up with other ways to encourage users to take this option [and turn off their ad blockers] but the problem at the moment is a lot of publishers don't have valuable enough content to be able to charge, with the ubiquity of content across the web"

Optimal.com CEO Rob Leathern said to Laura O'Reilly at Business Insider.

More ideas to solve this problem will emerge over time. Meanwhile, you should check your computer security. Banner ads aren't just annoying, they're an internet security threat, and tracking is a privacy issue. Check out Ghostery, and what it reveals about the websites you visit.
