Malware, spyware growing threat


fraud_small.jpgADOTAS — The news of the video made it’s way around the web.

It showed a web page, and in the background a special script loaded over 1000 different “hidden” advertisements. According to the man who caught the click fraud on video, Vizi CEO Pesach Lattin, former publisher of Adotas, it then tries to install an https hijack on a users computer to create a bunch of fake fraudulent clicks to search engines.

But the larger menace behind such ads, according to security experts and industry leaders who have seen the video, is malware and spyware, which are primarily there to steal identities and take over personal computers.

“I have personally observed spyware sending traffic to the ad-loader Mr. Latin identified,” said Ben Edelman, a professor at Harvard’s Business School, focused on Internet regulation. “The records I preserved leave zero doubt that this ad-loader receives spyware-originating traffic.”Edelman said since an ad-loader provides no service to a user, it is unlikely that users would go there intentionally. Rather, the most natural way for a user to end up at an ad-loader is for the user to be forced to go there. He said he has evidence confirming that specific intermediaries that passes traffic from spyware to the ad loader.Frank Addante, founder and CEO of the Rubicon Project, doubted that impression fraud was pervasive at this point, though if left unchecked, it could become a problem. But, he said, the company was seeing more malware and spyware entering online, particularly through ad exchanges. Rubicon blocks a lot of ad networks and ads through ad exchanges because of this problem, he said.

“A lot of ways that these ad networks get into the market is that they are buying through the ad exchanges,” he said. “What we do is block the (offending) ad networks through our publishers, but we also block the ad networks through the exchanges that end up on our publishers. That second part is a lot harder than the first part. Because we found ad networks that specifically do what you just spoke about. They are inject malware and spyware.”

Security experts say that malware and spyware has little to do with click fraud, it’s about 1 percent of the total. A large majority, between 30 to 40 percent, are data theft trojans being widely distributed through compromised websites. While Conficker has received much of the media attention lately, and understandably, the most dangerous data theft trojans go unnoticed. According to Symantec, hackers are inventing up to 15,000 new infections every day.

“Click fraud is an issue, impression fraud is an important issue,” said Michael Caruso, CEO of ClickFacts. “But the bigger issue is the bots aren’t just clicking on ads. The bots and the bad guys are actually out there to steal identities.”

— Express your opinion, comment below.


  1. Vizi is the only network that hasnt paid me for any of my traffic. I cut them off after I caught them trying to serve malware and pops through banner ads. When I emailed them they claimed to know nothing about it. When I emailed them screen shots they never returned my emails. Vizi is a deadbeat network.

  2. Does Ben Edelman know Vizi is quoting him? I dont see anything on Bens page referring to this. I would believe the credibility of Ben Edelman of Vizi/Pesach any day of the week.

  3. A few things. I know Lattin has been a lightening rod on the web. This story has little to do with him except that he caught this image on video.
    I talked to him once.
    All the people I talked to, and I talked to more than the ones I included in this story, had seen the video before me, including Professor Edelman.


Please enter your comment!
Please enter your name here