Many people hate online ads because they create annoying distractions on websites, but research from Google and several universities suggest ad injectors are also a security risk.

The Google Online Security Blog outlined a new study on the ad injection economy, which was carried out by researchers at Google along with the University of California, Berkeley and the University of California, Santa Barbara. The report described a mechanism used to detect unwanted software that uncovered more than 85,000 ad injectors aimed at the Chrome browser. Besides taking control of the browser, the research suggested that 30 percent of such extensions and apps were stealing data and reporting it back to third parties. The data could include anything from browser queries to more serious information, such as online account credentials.

Although not all ad injectors are the work of cybercriminals, eWEEK pointed out that they are often distributed in ways that would categorize them as malware. This could include online campaigns that trick users into clicking on special URLs or even via ad affiliation networks, which can profit from each click that comes through such programs. Advertisers might not even realize where some of the traffic to their ads originated.

AdExchanger, an online magazine aimed at the digital marketing industry, suggested Google’s findings would raise major concerns from companies that run campaigns online. Some may already be on the alert after a recent scandal involving Superfish, whose technology for switching online ads reportedly opened up Lenovo laptop users to hacker activity.

The report showed some very well-known brands whose ads are being served up via ad injectors, including Wal-Mart, eBay and Sears. Although the main culprits may be limited to less than a handful of programs, The Wall Street Journal suggested that resolving this issue could prove highly challenging. Google and others could conceivably create tools to block unwanted ads, but it would probably be quicker if more publishers and brands became more aware of the issue and how it could hurt their customers.

The Verge made another good point: Although Google’s research suggested that 1 in 20 online users are victims of ad injectors, that may be a conservative number. Much like other forms of malware, those looking to serve up unwanted ads and steal information try to be as difficult to detect as possible. The report may have opened a can of worms, but we probably still haven’t seen the bottom of the can.

More from

The Role of Human Resources in Cybersecurity

The human resources (HR) department is an integral part of an organization. They work with all departments with a wider reach than even IT. As a highly visible department, HR can support and improve an organization’s security posture through employee training. Their access to employees at the start of employment is an opportunity to lay a foundation for a culture of risk awareness. HR departments do not typically include cybersecurity risk awareness training with new hire onboarding, but it’s something…

New Attack Targets Online Customer Service Channels

An unknown attacker group is targeting customer service agents at gambling and gaming companies with a new malware effort. Known as IceBreaker, the code is capable of stealing passwords and cookies, exfiltrating files, taking screenshots and running custom VBS scripts. While these are fairly standard functions, what sets IceBreaker apart is its infection vector. Malicious actors are leveraging the helpful nature of customer service agents to deliver their payload and drive the infection process. Here’s a look at how IceBreaker…

Operational Technology: The evolving threats that might shift regulatory policy

Listen to this podcast on Apple Podcasts, Spotify or wherever you find your favorite audio content. Attacks on Operational Technology (OT) and Industrial Control Systems (ICS) grabbed the headlines more often in 2022 — a direct result of Russia’s invasion of Ukraine sparking a growing willingness on behalf of criminals to target the ICS of critical infrastructure. Conversations about what could happen if these kinds of systems were compromised were once relegated to “what ifs” and disaster movie scripts. But those days are…

Cybersecurity 101: What is Attack Surface Management?

There were over 4,100 publicly disclosed data breaches in 2022, exposing about 22 billion records. Criminals can use stolen data for identity theft, financial fraud or to launch ransomware attacks. While these threats loom large on the horizon, attack surface management (ASM) seeks to combat them. ASM is a cybersecurity approach that continuously monitors an organization’s IT infrastructure to identify and remediate potential points of attack. Here’s how it can give your organization an edge. Understanding Attack Surface Management Here…