Google among ad networks doing business with shady injector services

Rogue web plug-ins that inject their own content over the top of legitimate ads are still in widespread use by unscrupulous advertisers and Google, Yahoo and other major networks are keeping them in business, according to a recent study.

An ad injector is usually installed on an end-user's computer as part of a bundle in a free software download, according to Harvard Business School associate professor Ben Edelman and the founder of fraud detection service iPensatori, Wesley Brandi. Once active, the injector can modify the way the user's browser displays web pages, allowing advertisers to slap their own content onto any website they want even if it blocks out existing ads or violates a site's ad policies.

[MORE GOOGLE:Google fixes lengthy, widespread Gmail malfunction]

The companies behind the injectors have substantial advantages over legitimate advertisers, the authors noted injected ads tend to rate well on click-through and conversion analytics, and the fact that the injectors don't have to spend any money creating content of their own makes them even more profitable.

Moreover, the complexity, automation and large number of intermediaries present in the online ad market mean that it can be difficult to detect injector traffic, which means that both those intermediaries and the advertisers themselves may inadvertently contribute to the problem.

"For example, if traffic flows from an injector to intermediary A to B to C to D to an advertiser, the advertiser may never be told that it is actually buying injector traffic rather than (or in addition to) placements in genuine web sites," the study said.

Mainstream exchanges, advertisers and networks generally claim that they do not do business with injectors but Edelman and Brandi found that this claim is frequently untrue. The authors' observations of Google, Yahoo, AppNexus and, among many others, demonstrated that they do indeed handle injector traffic.

"Our data reveals a stark disconnect between advertising industry claims and actual practices," they wrote.

Speaking to Network World, Edelman urged ad exchanges to take a firmer stand against injectors, characterizing the practice as "stealing from publishers."

"There are more things they could be doing," he says. "One, having an official policy. Two, bringing that policy to everyone's attention any ad network selling any inventory through a Google ad exchange or an AppNexus ad exchange, they're privy to all kinds of terms and conditions."

While the sums of money involved in ad injection likely don't mean much to Google court filings show that one major ad injector called Sambreel was taking in about $8 million a month as of November 2011 they're hardly small potatoes to most other companies.

"This is still just an annoying flea to Google, it's not an important part of their business. But to an advertiser, it can be very important," Edelman says.

Google had not responded to requests for comment at the time this article was published.

Email Jon Gold at and follow him on Twitter at @NWWJonGold.

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags YahooGooglesecurityanti-malwareWide Area Network

More about FacebookGoogleHarvard Business SchoolindeedYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jon Gold

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts