Will malvertising change the advertising industry's view on ad blockers, the software in browsers that prohibit ads from serving up in the Web page?
The malvertising attack that recently hit Yahoo has now moved to other advertising networks serving ads across AOL, eBay, Drudge Report Weather Underground and NetZero, among others, but the more interesting news comes from a comment under the Malwarebytes Labs post.
"Is it really any wonder that ad blockers are so popular?" writes capnkrunch. "Instead of complaining about lost revenue the ad industry needs to reform itself. It really shouldn't have to be a choice between supporting the ad sponsored sites I frequent (which I really want to be able to do) or rolling the dice on being served Cryptowall 3 by the Angler EK."
Capnkrunch takes a stab at the advertising industry, suggesting companies have had plenty of time to address the issue, but chose to do nothing more than complain about how unfair it is for people to use ad blockers.
A study from Adobe and PageFair estimates the loss of global revenue due to blocked advertisements in 2015 at more than $21.8 billion, rising to $41.4 billion in 2016. Although the study doesn't make this conclusion, I'm convinced that the rise of malvertising and ad blocking could explain the slowing growth of revenue from search and display ads supported by Bing, Google, and Yahoo.
It turns out that the malware behind the recent Yahoo malvertising attack moved to another advertising network used by many of the top publishers to infect their sites. Weather.com, for example, supports about 121 million visits per month. Drudgereport.com 61.8M visits per month, and wunderground.com 49.9 million visits per month.
The malvertising is loaded via AdSpirit.de and includes a redirection to an Azure Web site. Note how both URLs are using HTTPS encryption, making it harder to detect the malicious traffic on the network.
Jerome Segura, security researcher at Malwarebytes, responded by suggesting the popularity of ad blockers may really force the ad industry to change how they serve advertisments. "It could be the use of new technologies that make malvertising harder or perhaps sponsored content where the advertiser is mentioned throughout the article in other ways than with a traditional 'ad banner.'" he wrote.