Google Finally Quashes Month-Old Malvertising Campaign

← Back to Stories (view on slashdot.org)

Google Finally Quashes Month-Old Malvertising Campaign

Posted by samzenpus on Thursday January 15, 2015 @08:18PM from the better-late-than-never dept.

jfruh writes Since the middle of December, visitors to sites that run Google AdSense ads have intermittently found themselves redirected to other sites featuring spammy offerings for anti-aging and brain-enhancing products. While webmasters who have managed to figure out which advertisers are responsible could quash the attacks on their AdSense consoles, only now has Google itself managed to track down the villains and ban them from the service.

39 of 56 comments (clear)

Min score:

Reason:

Sort:

Don't do evil by thsths · 2015-01-15 20:32 · Score: 4, Interesting

unless it is profitable.
Google standards have certainly slipped. You would expect them to prevent this at all cost, and to have a system in place that prevents it from happening. But unfortunately the very opposite is happening: unruly ads are becoming more and more common, and Google doing very little to prevent it.
1. Re:Don't do evil by phantomfive · 2015-01-15 20:57 · Score: 2
  
  Yeah, I remember when Google's goal was to index the world's information. That seems to have taken a back seat to generating ever more revenue.
  
  --
  "First they came for the slanderers and i said nothing."
2. Re:Don't do evil by Njorthbiatr · 2015-01-15 21:14 · Score: 1
  
  Google does something and they're called out for not doing that thing?
  This isn't making any sense. Are we just getting upset at Google because Google?
3. Re:Don't do evil by Anonymous Coward · 2015-01-15 22:03 · Score: 1
  
  googles goal has ALWAYS been generate more revenue, you are confusing there public messaging with what they actually do.
4. Re:Don't do evil by bloodhawk · 2015-01-15 22:13 · Score: 3, Insightful
  
  No they are being called out for how slow they are, just like when we call out MS when they are slow on patches. It is even worse for google as they like to blow there own trumpet on how important security is to them.
5. Re:Don't do evil by hairyfeet · 2015-01-15 23:00 · Score: 4, Insightful
  
  Nooo, folks are getting upset because Google USED to be consumer centric and seemed to really care about its end users, but for the past few years (since around the time they launched G+ and started pushing for real names and tying everything to a single user) they have seemed to toss that out the window in favor of ever higher stock prices.
  I have to wonder if this is something that cannot be avoided as it seems every corp that reaches the top of the heap turns into an asshole. Its like they reach a certain point and their drive to innovate and be the best is replaced by a paranoid desire to hang onto what they have and crush competition, from MSFT's OEM contracts to Google's damned near word for word copies of those contracts when it comes to handset makers, its like they reach a point and the engineers are replaced by MBAs and they just turn into giant douchebags.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
6. Re:Don't do evil by houghi · 2015-01-15 23:53 · Score: 3, Interesting
  
  The first moment people were alerted was when they killed DejaNews.com But I said nothing, because I was not a Usenet user ...
  
  --
  Don't fight for your country, if your country does not fight for you.
7. Re:Don't do evil by Jeff+DeMaagd · 2015-01-16 01:44 · Score: 2
  
  Sometimes it helps to at least read the abstract. The complaint was about the speed.
  "Since the middle of December... ...only now has Google itself managed to track down the villains and ban them from the service."
  Another issue is Google's ad system being vulnerable to being bait and switched, even allowing advertisers any opportunity to do that seems a poor decision.
8. Re:Don't do evil by Njorthbiatr · 2015-01-16 02:03 · Score: 1
  
  Well I don't know if that's fast or slow.
  I'm an investor not a software security expert.
9. Re:Don't do evil by hattable · 2015-01-16 03:52 · Score: 1
  
  How can they support their goal without revenue?
  
  --
  OMG facts!
10. Re:Don't do evil by CaptainDork · 2015-01-16 04:47 · Score: 1
  
  Actually, Google's paradigm shift from "cool" to "fool" coincides with their date of IPO.
  Shareholders are in it for the money and every other consideration is off the table.
  Aggravating that shift is the shareholders' "me ... now" short-term vision of making infinite amounts of money in an extremely short period of time.
  Look at Bezo's long term vision of making profits at Amazon at some distant date and the shareholders' diminished enthusiasm.
  Talented employees who made those companies blossom, and who took low pay in trade for stock options, get pissed off after the post-IPO corporate assholes enforce standard hours, reduce perks, and shift the focus from R&D to revenue production.
  
  --
  It little behooves the best of us to comment on the rest of us.
11. Re:Don't do evil by phantomfive · 2015-01-16 05:33 · Score: 1
  
  There's a difference between generating revenue to meet your goal, and making your goal to generate revenue.
  
  --
  "First they came for the slanderers and i said nothing."
12. Re:Don't do evil by Oligonicella · 2015-01-16 05:36 · Score: 1
  
  Indeed. Higher on the lead page you'll find an article about Google having a team to search for MS bugs and outing *them* if they don't patch fast enough.
Not a priority by phantomfive · 2015-01-15 20:56 · Score: 2

Stopping malware is not a priority for advertising companies. The priority is to do whatever they can to help advertisers, because advertisers give them money. Money focuses people's priorities (including mine).

--
"First they came for the slanderers and i said nothing."
1. Re:Not a priority by RogueyWon · 2015-01-15 22:44 · Score: 4, Insightful
  
  It should be a priority - because if it isn't, it will start hitting revenue. I'd gone years without using adblocking software, on the grounds that I knew a lot of sites I liked depended on advertising income.
  When Yahoo! ads starting redirecting to ransomware-pushers a couple of months ago, I reversed my policy fast.
2. Re:Not a priority by thsths · 2015-01-15 22:45 · Score: 1
  
  > Stopping malware is not a priority for advertising companies.
  > The priority is to do whatever they can to help advertisers, because advertisers give them money.
  Yes, but there is a gap between the two statements. How about:
  The priority is to do whatever they can to help malware (while only appearing incompetent and not actually evil), because malware spreaders are giving them money.
  All I am saying that this is a very slippery slope. Google is most certainly helping to spread malware, and they are probably making money from it. And they could do more to avoid it if they wanted to...
3. Re:Not a priority by Anonymous Coward · 2015-01-16 00:53 · Score: 1
  
  Even if you're one in a million there's still a hundred other people like you.
4. Re:Not a priority by jafiwam · 2015-01-16 02:32 · Score: 1
  
  > Stopping malware is not a priority for advertising companies.
  > The priority is to do whatever they can to help advertisers, because advertisers give them money.
  Yes, but there is a gap between the two statements. How about:
  The priority is to do whatever they can to help malware (while only appearing incompetent and not actually evil), because malware spreaders are giving them money.
  All I am saying that this is a very slippery slope. Google is most certainly helping to spread malware, and they are probably making money from it. And they could do more to avoid it if they wanted to...
  Malware is the primary reason why I have aggressive ad blocking strategies.
  I don't see ads on the internet.
  If I never had to clean up some poor sap's computer of malware caused by ads, I wouldn't care about ads. I have the bandwidth to handle it. I just don't want my shit infected.
5. Re:Not a priority by swillden · 2015-01-16 02:46 · Score: 2
  
  Stopping malware is not a priority for advertising companies. The priority is to do whatever they can to help advertisers, because advertisers give them money. Money focuses people's priorities (including mine).
  It is actually a priority. Google's ad-ranking system takes into account not just the revenue potential from an ad click but also "ad quality", a metric that considers various aspects of the ad, the site to which it links, and more, all related to the user experience. Because Google knows that it's important that when users click on a Google ad they have a good experience. Otherwise, they'll click less. Given that Google only gets paid when they click, that's directly bad for revenue. It likely also reduces the value of the ad to the advertiser, since users who do click may arrive more skeptical of what they'll find, and be less likely to buy. So advertisers will bid less, and that's bad for revenue.
  To help the advertisers, Google provides feedback on what they can do to improve their ad quality metric, because it's one of two levels advertisers have to control how often their ad is shown (the other is how much money they bid for each click). Google also provides details statistics to enable advertisers to calculate their ROI from advertising on Google, which will quickly show the damage from any degradation in user trust in Google ads.
  I don't know the details of what happened here, and although I could search the bug database to find out, if I knew the details I couldn't post. That said, I strongly suspect that what happened here is that the situation was more complicated than is presented in the article and that there were very good reasons why it took the Google ads team so long to address the issue. Because bad ads are bad for Google.
  (Disclaimer: I work for Google, but don't speak for Google. My description of the ad ranking system is public knowledge and the rest is only my opinions.)
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
6. Re:Not a priority by idontgno · 2015-01-16 02:47 · Score: 1
  
  I'd gone years without using adblocking software,
  
  Nobody ever went broke underestimating the intelligence of the American public.
  -- H. L. Menken
  
  --
  Welcome to the Panopticon. Used to be a prison, now it's your home.
7. Re:Not a priority by swillden · 2015-01-16 02:51 · Score: 1
  
  one of two levels
  Er, I meant "levers". If only there were some way to see my post before it's submitted...
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
8. Re:Not a priority by tlhIngan · 2015-01-16 04:58 · Score: 1
  
  It is actually a priority. Google's ad-ranking system takes into account not just the revenue potential from an ad click but also "ad quality", a metric that considers various aspects of the ad, the site to which it links, and more, all related to the user experience. Because Google knows that it's important that when users click on a Google ad they have a good experience. Otherwise, they'll click less. Given that Google only gets paid when they click, that's directly bad for revenue. It likely also reduces the value of the ad to the advertiser, since users who do click may arrive more skeptical of what they'll find, and be less likely to buy. So advertisers will bid less, and that's bad for revenue.
  
  Too bad that only applies to ads sold directly by Google Ads, and not say, DoubleClick or every other ad network Google owns and operates.
9. Re:Not a priority by phantomfive · 2015-01-16 05:42 · Score: 1
  
  Given that Google only gets paid when they click, that's directly bad for revenue.
  That's a good point.
  
  --
  "First they came for the slanderers and i said nothing."
10. Re:Not a priority by phantomfive · 2015-01-16 05:55 · Score: 1
  
  It's based on the fact that if you don't focus on money with at least part of your time, you will not survive. Similarly, our culture has a huge focus on eating (we even stop work for that ritual). It has to happen to some degree.
  
  --
  "First they came for the slanderers and i said nothing."
11. Re:Not a priority by swillden · 2015-01-16 08:12 · Score: 1
  
  It applies to all pay-per-click ads. For impression ads the situation is less direct, but bad ads make impression ads less valuable to advertisers.
  In the long run, this sort of issue is bad for Google, period. In many corporations the long run is irrelevant, but Google doesn't have to think that way because of its stock voting structure, and Google doesn't think that way.
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
system is not foolproof ... by thephydes · 2015-01-15 21:02 · Score: 2

"Google says that AdSense content is “reviewed by real people and clever machines” before appearing on websites. But the system doesn’t appear to be foolproof." If you actually believe that it's foolproof, then you could well be labeled a fool. just sayin
1. Re:system is not foolproof ... by SeaFox · 2015-01-15 21:29 · Score: 1
  
  "Google says that AdSense content is “reviewed by real people and clever machines” before appearing on websites. But the system doesn’t appear to be foolproof."
  Maybe their reviewers are in need to something to give them a mental boost so they can be more diligent. Or, possibly time to bring in some young blood on staff.
2. Re:system is not foolproof ... by meerling · 2015-01-15 22:27 · Score: 2
  
  Maybe they have too much 'young blood' and need some critical and skeptical 'old school'.
  Age doesn't have anything to do with it, procedures and techniques on the other hand...
Re:This is why I use adblockers by houghi · 2015-01-16 00:02 · Score: 2

I hate adds since the moment they were around. I always have hated them and not only online. I hate them in the streets. I hate them on TV. I hate them on cars. I hate them on clothes.
And there is no way of turning them off. Except perhaps for North Korea, you will be bombarded by ads. Here a quote that I really like.

People are taking the piss out of you everyday. They butt into your life, take a cheap shot at you and then disappear. They leer at you from tall buildings and make you feel small.
They make flippant comments from buses that imply you're not sexy enough and that all the fun is happening somewhere else.
They are on TV making your girlfriend feel inadequate. They have access to the most sophisticated technology the world has ever seen and they bully you with it.
They are The Advertisers and they are laughing at you.
You, however, are forbidden to touch them. Trademarks, intellectual property rights and copyright law mean advertisers can say what they like wherever they like with total impunity.
Fuck that.
Any advert in a public space that gives you no choice whether you see it or not is yours. It's yours to take, re-arrange and re-use.
You can do whatever you like with it. Asking for permission is like asking to keep a rock someone just threw at your head.
You owe the companies nothing. Less than nothing, you especially don't owe them any courtesy. They owe you.
They have re-arranged the world to put themselves in front of you. They never asked for your permission, don't even start asking for theirs.
- Banksy
The issue is far worse and all we do is treat it differently because it has "On the internet" in front of it.

--
Don't fight for your country, if your country does not fight for you.
SOME visitors by TheCarp · 2015-01-16 00:25 · Score: 1

That shit doesn't happen to me because I run requestpolicy. When I load up site X.Y.Z and it says "Here load content from a.b.c" It....doesn't load unless I manually approve it. For all sites all the time, and google....almost NEVER gets the approval unless absolutely required.

--
"I opened my eyes, and everything went dark again"
1. Re:SOME visitors by amorsen · 2015-01-16 08:04 · Score: 1
  
  And then you try to open a mainstream news site, like the Washington Times article linked to earlier, and you are presented with a full-page list of sites the page wants to load content from. It turns out the CSS one is washtimes.com, and that is all that was actually required.
  I wish requestpolicy would label links by how they got pulled in (CSS, image, script...)
  
  --
  Finally! A year of moderation! Ready for 2019?
2. Re:SOME visitors by TheCarp · 2015-01-17 04:18 · Score: 1
  
  Yes this would help a lot, especially for videos though, a lot of times, I just give up and move on, or put up with finding the text in the middle and reading it with no formatting.
  
  --
  "I opened my eyes, and everything went dark again"
You can't expect google to know everything,.. by Black+Copter+Control · 2015-01-16 00:38 · Score: 1

oh, wait!

--
OS Software is like love: The best way to make it grow is to give it away.
ongoing by slashmydots · 2015-01-16 02:35 · Score: 1

And yet nothing is done about the 10+ year ongoing fraud from iyogi and other pretend support companies. Go ahead, type "Hp support" or "microsoft support" or "samsung support" into google and look at the ads.
Re:This is why I use adblockers by swillden · 2015-01-16 02:49 · Score: 1

I hate adds since the moment they were around.
Either you must be the oldest person alive, or you mean "since I was old enough to notice them". Also, the word is "ads", short for "advertisements".
Related to the Banksy quote, I'd say that ads on the Internet are even easier to control. Just install AdBlock. No, it doesn't get all of them, but it comes close.

--
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
They let this crap continue by xaotikdesigns · 2015-01-16 06:32 · Score: 1

yet they'll close out my account and ban me for life without ever even telling me why...

--
XDInd
They're pretty quick to out Microsofts Bugs by Timmy+D+Programmer · 2015-01-16 09:46 · Score: 1

You would think they would be more diligent with their own security issues.

--

(If at first you don't succeed, do it different next time!)
Mod parent up, please! by billstewart · 2015-01-16 12:47 · Score: 1

Exactly my reaction.

--

Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Abusing Zedo and Doubleclick Ads by billstewart · 2015-01-16 12:59 · Score: 2

I was ok with Google ads, because they were just a little box with some text links, no bulky images, no animation, no Flash, and if there was any Javascript in it, it was well-written and not a resource hog. (Eventually I gave up and let AdBlockPlus block them too, because collateral damage was easier than special-casing them.)
But Zedo, the folks with popunder windows? Kill them with fire, put all their domain names in /etc/hosts as 127.0.0.2, tell Firefox to block images from them, and block Javascript and Flash from anybody I could identify using a Zedo ad. (Same for X10.)
Doubleclick was an early ad company, and as far as I could tell, before Google bought them their slogan was "Be Evil. Buy Ads from the Dark Side, We've Got Cookies!" so I'd been blocking them in /etc/hosts for a long time.
So if Bad Guys were putting even more malware into Zedo and Doubleclick, that's just a reminder that blocking aggressive advertisers is a good idea.

--

Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks