How the ad tech industry handles security to combat malvertising attacks

Malvertising—or the act of hiding malware in advertisements—is not a new concept, but it has picked up pace over the years. In 2023, “one in every 79 impressions was dangerous or highly disruptive” to users, according to a report from Confiant, an ad security firm in NYC.

The quality of ads from both a security and technical standpoint has declined, with the report stating that “the quality violation rate in Q4 2023 was the highest level since 2018,” and that the industry security violation rate went up by approximately 0.26% for 2023.

Quality violations include ads that contain “misleading claims,” “undesired audio” and video, and “undesired expansion,” while security violations include ads that serve up “forced redirects,” “fake software updates,” “fake ad servers,” and “criminal scams.”

“The hardest part to all this is that the industry is not the victim of these attacks. The industry is the vector of these attacks,” Louis-David Mangin, the CEO and co-founder of Confiant, told IT Brew. “These criminals know that they can come to the ad tech industry, and they can pay to play.”

Crunching numbers. Mangin and Jerome Dangu founded the firm in September 2013, and have made it their mission to combat malvertising, with Mangin noting that “security is a data game.”

“You can’t effectively catch these criminals without having equal or better data than them,” he said. Threat actors engaging in malvertising, he says, are aware that advertising is one of the best ways to get their malicious links right in front of internet users. Mangin says these groups can also “use the industry’s targeting abilities to reach their victims.”

“Ad tech is a very unique technology environment. It has more data flow in the first few hours of the month than every other marketplace in the world combined in the whole month,” he said.“So, the amount of data moving through these pipes creates a really good environment for criminals to hide.”

Confiant’s partners include MSN, Business Insider, eBay, Magnite, Politico, Tribune Publishing, Gannett, and more.

Block ’em. For users looking to combat malvertising on a basic level, Mangin suggests using an ad blocker. The Department of Defense, National Security Agency, and CIA have also implemented some form of ad blocking to combat malware and data collection threats, according to both Vice and Adweek.

​​”There’s a whole swath of users that are leaning into ad blocking,” he said, encouraging users to be aware of the links they’re clicking on due to the implementation of “sophisticated social engineering” tactics.

“If it looks too good to be true, take a minute and pause—it probably is,” he said. “Just because a publisher is showing an ad doesn’t mean they’re endorsing the quality of the advertiser.”