Malware Driven Banner Ad Attacks Rising - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Cybersecurity

Malware Driven Banner Ad Attacks Rising

While fake cost-per-click rates declined in the fourth quarter, a new form of impression inflation has emerged, finds online advertising audit firm.

The number of online advertising campaign clicks that were fake -- known as "click fraud" -- declined in the fourth quarter of 2010 to 19.1%, compared with 22.3% in the third quarter of 2010. While that's an improvement, overall click fraud levels are still higher than the rate of 15.3% seen just one year ago.

Those findings come from Click Forensics, which tracks the quality of online advertising campaigns by researching who -- or what -- is clicking on links. To do that, it studies advertising traffic as it flows over a variety of Web sites, including search engines, shopping engines, online publishers, and social networks.

According to Click Forensics, the greatest volume of click fraud is occurring in North America, followed by Japan, the Netherlands, Philippines, Sweden, and France.

For organizations that buy or sell cost per click (CPC) advertising, click quality is a big concern. Hence the recent -- at least in the short term -- decline in click fraud is good news. But it may not last, said Paul Pellman, CEO of Click Forensics. "While the overall click fraud rate dropped last quarter for CPC advertising, we saw the emergence of new schemes focused on display advertisements. We are investigating the malware-driven attacks in more detail, but early evidence points to an impression inflation scheme."

This particular scheme uses malware to target banner advertisements. According to Click Forensics, "the sophisticated program performs a pop-up or pop-under and rotates brand advertisers' banner ads every 10 to 15 minutes." Malware may then surreptitiously click the banner ads, thus generating impressions and CPC revenue for attackers, via affiliate advertising networks.

Online attackers are always seeking innovative ways to monetize their attack capabilities, and click fraud has become a tried-and-true technique, at least for botnet operators. By making compromised -- aka zombie -- PCs click on links, criminals can turn their malicious code into a moneymaking venture.

For example, according to a November 2010 study from Information Warfare Monitor, written by security researcher Nart Villeneuve, "through the use of pay-per-click and pay-per-install affiliate programs and forcing compromised computers to install malicious software and engage in click fraud, the Koobface operators earned over $2 million between June 2009 and June 2010."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll