• by Laurie Sullivan  @lauriesullivan, May 7, 2015

Google has released the names of companies profiting from injecting ads into its owned Web site pages.  The study, conducted by the University of California, Berkeley and Santa Barbara, analyzed more than 10 million page views on Google sites between June and September in 2014. The initial findings were released in April, without the names of the offenders.

Ad injectors are malicious programs that insert unwanted ads in Web pages, sometimes costing companies millions of dollars or downloading malicious bugs onto the viewer's computer. While Superfish and JollyWallet from Radyoos Media are known ad injectors, the study also points to other well-known businesses, including shopping ad networks like Dealtime, PriceGrabber, and Shopzilla/Bizrate.

The researchers identified superfish.com as the top ad injector -- with about 96%, or 49,127 browser extensions, and 97%, or 33,486 software programs. Half of extensions used at least two ad injection libraries and 80% of programs used at least four.

To determine the culprits, Google added code to its Web sites that detect and report back when rouge ads were injected into pages by programs or browser extensions. Tracking the ads revealed locally installed ad injectors interfered with 5,339,913 page views, or 5.2T of the total, which impacted 5.5% of unique daily Internet Protocol addresses that accessed Google’s sites.

Chrome was the most popular browser and the most commonly affected platform, between 5% and 8% of page views during the research.

"The ad injection ecosystem profits from over 3,000 advertisers, including Sears, Walmart, Ebay, and Target, which unwittingly pay for traffic from injectors," according to the study.

The top 10 injected ad domains contribute 87% of revenue, followed by a long tail of more than 15,112 distinct ad domains. Superfish.com is the most popular source of traffic, in part, because 60% of the extensions the team executed belong to its affiliate program.