Google highlights ad-injection problem in a security report

by Ashwin, May 8, 2015

Google has always been concerned about online security, and has been providing various solutions to help keep its users safe.


At the end of April, the Mountain View company released a new extension for its homemade browser, Chrome.

The extension, Password Alert, helps users by alerting them when it detects duplicate passwords on websites. It also displays a warning message when it detects malicious content on a webpage. The reason I’m mentioning the extension here is that it blocks dangerous content using Google’s security system.

Even Microsoft recently announced that it will begin marking ads as malicious if they break the Redmond company’s ad guidelines (misleading ads and those which trigger downloads).

Ad-injection is a serious problem:

Google says that the ad problem is bigger than we think. It says that malicious ads are injected into web pages either by replacing existing ads or by placing new ads on the pages. Since the beginning of 2015, over 100,000 users reached out to Google to complain about malicious ads.

The company conducted a study with the University of California, Berkeley and Santa Barbara, over several months in 2014 to analyze the threat that ad injectors pose. You can read the full report here.


Google says that it built an ad-injection detector for its own sites, which identified millions of ads on other websites last year. Around 5.5% of users on Google’s websites were affected by injected ads.

Google says that several factors come into play to inject ads on webpages, including browsers and browser extensions. Over 50,000 extensions and 34,000 applications caused browser hijacks and injected ads. And over 30% of those were malicious and stole user credentials, hijacked search queries, and tracked user activities.

Advertisers are also involved in this, as they turn to affiliates to help them sell their products. Advertisers pay a share of the revenue when a user clicks on an affiliate ad and makes a purchase.

The ads were being distributed disguised as adware embedded into applications, online marketing, social advertising, and malware distribution. Superfish and Jollywallet were two of the most common injection libraries used for such malicious attacks, the study says. Lenovo was found to be distributing Superfish on its laptops, and was later directed by a court to remove it.

Google is fighting this problem by cleaning up the Chrome Web Store. Over 192 extensions which affected 14 million users were removed from the Web Store. Chrome also flags unwanted software by placing warning messages when users click to download a Potentially Unwanted Program. Google is also helping users remove the malware from their systems with a tool.

It is also helping advertisers affected by the ad-injection problem, and has improved its AdWords policies to prevent the promotion of unwanted programs.