Malicious Banners: What’s Old Is New Again

The recent alarm about malicious display ads began slowly, but has rapidly gained steam.

First The New York Times was duped by a “rogue” ad buyer (a security software company) that posed as a legitimate marketer (Vonage) to sneak some spammy, deceptive ads onto Then Microsoft filed five lawsuits against so-called malvertisers. This week, Starcom Mediavest Group and some of its sister agencies at Publicis started warning publishers of the risks and insisting ad sellers take steps to verify their insertion orders.

Said a Starcom rep: “It serves as an alert to our media partners who work with us to protect client investments, and it asks for their collaboration as we secure insertion orders and ad placements.”

In a semi-related development, research Ben Edelman described finding some second and third tier publishers were serving loads of ads into invisible iframes — a practice belligerent toward ad buyers if not toward consumers.

With all the attention being paid to the big bad wolves of the online ad market this fall, it’s worth keeping in mind that malicious display advertising in one form or another has been around for years. A little walk down memory lane:

November 2004: Ad serving firm Falk became an unwitting agent of the Bofra virus, delivering the Internet Explorer exploit to users whose browsers requested ads within a certain window of time.

June 2006: Ben Edelman documents how a handful of lesser-known ad networks cause pornographic pop-ups to appear in odd places — like, for instance, AOL’s sign-up page.

June 2007: Finjan Malicious Code Research Center publishes a study finding cyber-criminals have begun using affiliate ad networks to infect computers with keystroke loggers, bot net software, and other malicious code.

September 2007: Ad exchange Right Media is used to spread a virus.

That’s not to say the digital marketing community should be unconcerned. Safeguards such as those being taken by Publicis-owned agencies are an important step, and a sign of maturity for an industry inclined to quickly forget yesterday’s screw-ups.

Incidentally, before this morning I had yet to see a malicious banner ad in action. Thanks to a new report and video from Anchor Intelligence, that’s no longer true. The below clip shows the dirty deed. It’s probably the closest thing this sector will ever have to a crime reality show.

Related reading