Google research reveals that millions of users are being forced to display advertised pages

As of May 2015, it seems that Google has received complaints about advertisements from over 100,000 Chrome users. Google calls a program that displays unwanted advertisements on web pages visited by users during browsing as "Ad injector" and announces the findings that investigated the actual condition of these ad injectors on the web.

Google Online Security Blog: New Research: The Ad Injection Economy
http://googleonlinesecurity.blogspot.jp/2015/05/new-research-ad-injection-economy.html


Ad Injection at Scale: Assessing Deceptive Advertisement Modifications
(PDF file)https://cdn3.vox-cdn.com/uploads/chorus_asset/file/3673260/ad_injector_paper.0.pdf

A surprisingly large number of traders are entering businesses that display undesirable advertisements, and we have built a complex advertising economy system online. This complicated advertising economic system makes it difficult to grasp the size of the problem and to find a solution, but the program to insert undesired advertisements is not only troublesome, but also a dangerous security risk to many users I am bringing it. Google, which saw this situation severely, announced the findings of a study of "Ad injector" in collaboration with the University of California, Berkeley and Santa Barbara. This is the first time that the actual situation of Ad injector was investigated as much as this time.

The following is an example displayed when opening a web page with infected with Ad injector. There are several pop-up ads on Amazon.com.


When searching "Google iPhone 5" from the Google search in the same state, advertisement occupies most of the search result page, and it can not reach Apple's official website and so on. Normally these ads will not appear unless they are infected with Ad injector. According to the survey, we know that 5.5% of unique users accessing Google, millions of people are browsing pages showing ads that they do not want.


Ad injector infects through software and extensions. More than 50,000 extensions with the Ad injector function have been found in Google's survey, and more than 34,000 software with Ad injector function has been discovered. Thirty percent of those included obviously malicious things, such as stealing certificates, things that hijack search queries, tracking user actions and sending it to the outside. By OS, Ad injector software said that 5.1% of access from Windows and 3.4% of access from Mac were infected with Adjector software.


These software is distributed as a bundled application on famous software download link, and it is distributed in SNS advertisement campaign. Inserted ads are payable based on cost per click (CPC), and Google investigations alone have found over 1,000 companies in the adjector business such as Crossrider, Shopper Pro, Netcrawl.

The damage of advertisement by ad injector extends to famous shopping sites such as Sears, Walmart, Target, Ebay and it is also a factor to increase traffic on the Internet. As a response to such Ad injector, Google has removed 192 extensions, which seems to have infected more than 14 million people from the Chrome Web Store. We also improved the red warning indication displayed when trying to download malicious software. This warning function is "Safe Browsing APIIt is also open to developers as.


In addition, we are also implementing Google AdWords policy revisions to prevent advertisers from promoting malicious software, and we are planning to encourage improvements to the entire advertising system by making it harder to place unwanted advertisements.