Change Agent: Google Introduces Filter That Blocks Evolving Botnets

Google is upping its defenses against ad fraud to take on three malware families.

The offenders include Bedep, plus two previously unknown entities internally code-named Beetal and Changthangi, which are named for goat species. Read the blog post.

Google has developed a filter – now available for advertisers using DoubleClick Bid Manager (DBM) and Google Display Network (GDN) – to block traffic from these families.

Ads with malware infect computers, turning them into web-surfing, ad-viewing bots; a collection of infected computers is called a botnet. The three malware families Google is guarding against are responsible for 500,000 infected machines.

“That factor in and of itself went a long way into our prioritization of that malware,” said Andres Ferrate, Google’s chief advocate for ad traffic quality.

Ferrate works within Google’s 100-plus ad quality team. (One imagines a bard singing epic poems about ad fraud whilst strumming on a lute.) As per Google’s Bad Ads report in January, the company also has more than 1,000 people globally fighting against bad ads.


Google’s new filter is designed to guard against Bedep, Beetal and Changthangi, despite their shifting patterns.

“Malware families evolve over time,” Ferrate said. “As they’re trying to mimic human behavior, their patterns might change.”

He didn’t want to say too much about how exactly the filter works for fear of divulging information to bad actors.

“We use a combination of multistage analysis to really understand this malware inside and out,” Ferrate said.

The filter takes this analysis to Google’s computational infrastructure and applies it toward blocking the three malware families. Ferrate declined to say which browsers or operating systems are most affected by the three malware families. Google, of course, owns its own browser, Chrome.

“There are a variety of reasons I can’t divulge,” he said. “I can’t talk about other platforms or products.”

Exploit kits – which are the vehicles that install malware – primarily affect Windows users, said Jérôme Segura, a senior security researcher at Malwarebytes Labs, in a previous interview with AdExchanger.

“Not just those using the Internet Explorer browser – there are some for Firefox as well,” Segura said at the time. “But the vast majority of computers susceptible to being exploited are Windows computers with IE.”

Macs and mobile devices aren’t necessarily safe either, though malware for those systems often requires social engineering to get the user to initiate a download, rather than starting it automatically.

“Malvertisers use what’s available from each platform,” Segura said. “And that evolves with new vulnerabilities that are found.”

Google’s Ferrate noted that the company is proactively studying and analyzing malware on an ongoing basis.

“Given that we’ve been in the ad fraud-fighting business for over 15 years,” he said, “this change-resistant filter was about innovating and automating.”
