Stegano (Ad Blocking Is The Right Thing To Do)

If you're in ads or publishing, you've seen all the arguments for and against ad blockers - including one which opponents of ad blocking tend to gloss over. I refer, of course, to the unmarketable fact that online ads may come with a significant security risk. Yep, we're talking about malvertising!

This week, malvertising is back in the news. The star is a fun little campaign called Stegano, and millions of people have been exposed to it through mainstream news websites.

What's a mainstream news website? Think The New York Times, Huffington Post, Washington Post, The Wall Street Journal, Mashable... you know, the "reputable" sites.

What does Stegano do?

In a nut shell, it selectively approaches vulnerable users and then serves up one of two malware bundles, Ursnif or Ramnit.

Ursnif's favorite activities include stealing passwords and credit card numbers (if you type it, Ursnif gets it), as well as recording videos and installing backdoors (and his friends will come play on your computer).

Ramnit applies the same skillset to online banking - if you don't bank online, you should have nothing to worry about.

How does it happen?

That's the best part - it's so easy. Visit a website that uses an ad exchange (so, basically any website), and you have a chance of making new (invisible, potentially life-ruining) friends. You don't have to do anything - no need to click on a malicious ad. If the right ad loads, your visitors are invited in automatically.

These malvertisements are considerate, too. Unlike traditional ads, they won't interrupt your user experience. The "infected" ads look virtually identical to safe, normal ads.

If you're in the US, don't panic - these malvertisements mainly affected people Canada, the UK, Australia, Spain, and Italy.

But definitely don't be calm, either. Malicious, email-and-password-and-credit-card-stealing ads aren't a hack job - the "campaign" that delivered them was sophisticated and well-planned.

And this isn't an isolated event: malvertising is a common occurrence, even on top sites. The New York Times, Fox News, and the BBC, even Spotify are all big name brands that happily serve malware to their users (you and me). Evidence suggests malvertising is increasing in both frequency and sophistication.

What does this have to do with ad blockers?

Ad blockers prevent (most) ads from loading - which means they also protect you from malicious ads. In addition, they prevent publishers from collecting ad revenue for their ad supported content - which is why publishers (who need ad revenue) and advertisers (who need eyeballs) say that using ad blockers is wrong, unfair, and needs to stop.

Discussions of ad blocking tend to focus on the nature of the exchange (ads for content) and the (un)fairness of consuming content without "paying" by accepting ads. That's a fascinating debate, but an unnecessary one.

Malvertising, on its own, is ample justification for the appropriateness and fairness of ad blocking - even if all other user concerns were completely eliminated.

More specifically, as long as there's a chance that websites will serve their visitors malicious ads (often in the form of adorably-named "drive by downloads," where they hop onto your computer), every person is justified in using as many ad blockers as they can.


Next: Stegano, Part 2: Who Is Responsible For Malicious Ads?

Latest: Dear Content Owners: Broadcast Ads Will Never Pay You Better Than They Already Do

Previous: Content Owners: Subscription-Only Leaves Money On The Table

Return to Index