Security Concerns Regarding Malvertising are Still High, Despite of the Reduction in Bad Ad Impressions!

Credible publishers who depend on ads to generate revenue online surely understand how troubling the malvertising issue can be. If you are unfamiliar with the term, malvertising is about spreading malware through the misuse of online advertising i.e. inserting infected code or malware-loaded ads in genuine online ad networks.

The concerning part is that such malicious ads can then appear on genuine sites via drive-by downloads, pop-ups or even redirects. Site visitors are prone to getting trapped in this spam.

Renowned names such as Forbes, The New York Times and more have faced the wrath of malvertising in the past.

According to online ad verification specialist Cheq, marketers are expected to incur a loss of around $23 billion in online ad spending this year due to fraud. Advertising networks, on the other hand, are well-aware of the problem and have been doing everything in their power to spot and take down fraudulent ads.

Confiant, media and publisher protection specialist, conducted a study which revealed that a lot of work has to be done before the legitimate advertising ecosystem can be considered safe.

After studying around 120 billion ad impressions in the last quarter, Demand Quality Report discovered that the industry is being harmed by in-banner video, cheap advertising (in terms of quality) and malicious adverts. However, a reduction in the volume of malicious adverts was also observed (from 0.25% in Q2 2019 to 0.15% in Q3 2019). Still, it doesn’t change the fact that one in every 250 impressions (roughly 4 billion per month) suffers either security-wise or in quality.

In the last quarter, almost every ad network improved their detection rates. Surprisingly, Google Ad Exchange wasn’t among those networks.

Previous Confiant reports stated that Google Ad Exchange’s performance was off the charts, with the malicious ad impressions not exceeding 0.02%. However, the percentage jumped to 0.08% in Q2 (a 320% increase).

Four extremely sophisticated threat groups are being blamed for inflicting most of the malicious attacks in the last quarter, as per Confiant. The groups are Scamclub, RunPMK, eGobbler and Zirconium.

Scamclub spams ad networks with countless malicious ads every day with the belief that a minute percentage of those will not be detected by security checks. RunPMK’s attention remains on mobile traffic and it targets Video 360 (DV360) and Google Display. As for eGobbler, it relies on abusing vague browser vulnerabilities to get past security checks for pop-ups and redirects.


As for Zirconium, it is quite advanced and exploits browser fingerprinting methods to attack desktop browser sessions and complicated aspects of Javascript.

While it can be said that malicious impressions are dropping, it should be noted that a similar trend was observed in Q3 2018 and in the following quarter, the bad ad impressions rapidly increased. According to Confiant, it can happen this year again as the scammers remain well-prepared to launch their attacks when a significant chunk of the ad networks’ staff is on holidays.

Although improving security is vital in tackling the fraudsters, it is also important for publishers to engage with platforms that can communicate with them when such issues arise.


Illustration: Getty

Read next: Influencer Marketing Trends - The Cost of Sponsored Post on YouTube, Instagram, Facebook, Twitter and Blogs Compared
Previous Post Next Post