To conduct the study, Google custom-built an ad injection “detector” for Google sites that identified “tens of millions of instances” of ad injections. According to the study, 5.5 percent of unique IPs (comprising millions of users) visiting Google sites included ad injections of “some form.”
Among the study’s key findings, over 50,000 browser extensions and more than 34,000 software applications injected ads into users’ browsers. More than 30 percent of these extensions and applications were “outright malicious” and stole credentials from targeted computers, alongside hijacking search queries and tracking user activities.
“In total, we found 5.1 percent of page views on Windows and 3.4 percent of page views on Mac that showed tell-tale signs of ad injection software,” notes the Google Online Security Blog. The study also found that such malicious software was distributed via a network of affiliates that get paid a commission whenever a user clicks on an injected ad. The study found that ad injectors source their ads from nearly 25 businesses that provide ‘injection libraries’.
“Superfish and Jollywallet are by far the most popular of these, appearing in 3.9 percent and 2.4 percent of Google views, respectively,” notes the blog. One of the most interesting findings is that the ad injection ecosystem generates profit from over 3,000 advertisers, which include some of the major retailers like Sears, Walmart, Target and eBay, companies that are paying for the traffic received without knowledge that “they are receiving traffic via unwanted software and malware.” Google stresses that “ad injectors’ businesses are built on a tangled web of different players in the online advertising economy.”
Google said that, based on the findings of the study, it has removed 192 deceptive Chrome extensions from the Chrome Web Store that affected 14 million users with ad injection. Google also enhanced the security of the Chrome browser to flag unwanted software and display familiar red warnings when users are about to download deceptive software. Google also updated its AdWords policies to make it more difficult for advertisers to promote unwanted software on AdWords.