Google's Anti-Malvertising.com Fights Off Bad Ads

The site was created because Google has a significant interest in making sure that ad blocking doesn't become a standard security practice.

Thomas Claburn, Editor at Large, Enterprise Mobility

June 18, 2009

2 Min Read
InformationWeek logo in a gray background | InformationWeek

Google on Thursday quietly launched a new search site called Anti-Malvertising.com to help its ad network partners identify potential providers of malicious advertisements. The Web site establishes a new home for a previously created custom search engine focused on malware, a home furnished with educational resources.

"Malvertising," a combination of the terms "malware" and "advertising," describes online ads that are viral in the wrong way: They attempt to infect the viewer's computer. "Badvertising" is a variant term.

"Some cybercriminals attempt to use advertising to distribute malware," the site explains. "Possible vectors of attack include malicious code hidden within an ad creative (such as a swf file), embedded on a Web page, or within software downloads."

The site was created by Google's Anti-Malvertising Team to mitigate the impact of bad ads on Google properties and on the Web sites operated by partners. The reason is simple: Google has a significant interest in making sure that ad blocking doesn't become a standard security practice.

"It certainly seems that awareness of the industry-wide issue of malvertising is on the rise," said Eric Davis, a member of Google Anti-Malvertising team, in an e-mail. "This site fits into our broader goal to help and encourage all members of the online advertising ecosystem to take an active role in malvertising prevention. It's one part of Google's commitment to educating our customers, improving the industry as a whole, and making the Internet a safer place for everyone."

In early 2008, Niels Provos, a security engineer at Google, said in a blog post that about 2% of malicious Web sites were distributing malware through advertising, based on an analysis of about 2,000 known advertising networks. In 2007, the Q1 2007 Web Trends Security Report published by Finjan said that about 80% of malicious code online at the time came from online ads.

In February of this year, eWeek.com inadvertently displayed a fake Lacoste shirt ad that directed visitors to a site hosting malware. And there have been several similar incidents this year at high-profile sites like MLB.com and FoxNews.com.

The Google custom search engine on Anti-Malvertising.com is designed to provide publishers with background information about advertisers. Fed an advertiser's name, company name, or ad URL, it returns information that may be useful in assessing whether the advertiser is trustworthy.

Anti-Malvertising.com also includes educational resources for those trying to defend against cyberthreats.


Black Hat is like no other security conference. It happens in Las Vegas, July 25-30. Find out more and register.

About the Author

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights