Home Online Advertising Change Agent: Google Introduces Filter That Blocks Evolving Botnets

Change Agent: Google Introduces Filter That Blocks Evolving Botnets


fightforfraudGoogle is upping its defenses against ad fraud to take on three malware families.

The offenders include Bedep, plus two previously unknown entities internally code-named Beetal and Changthangi, which are named for goat species. Read the blog post.

Google has developed a filter – now available for advertisers using DoubleClick Bid Manager (DBM) and Google Display Network (GDN) – to block traffic from these families.

Ads with malware infect computers, turning them into web-surfing, ad-viewing bots; a collection of infected computers is called a botnet. The three malware families Google is guarding against are responsible for 500,000 infected machines.

“That factor in and of itself went a long way into our prioritization of that malware,” said Andres Ferrate, Google’s chief advocate for ad traffic quality.

Ferrate works within Google’s 100-plus ad quality team. (One imagines a bard singing epic poems about ad fraud whilst strumming on a lute.) As per Google’s Bad Ads report in January, the company also has more than 1,000 people globally fighting against bad ads.

Google’s new filter is designed to guard against Bedep, Beetal and Changthangi, despite their shifting patterns.

“Malware families evolve over time,” Ferrate said. “As they’re trying to mimic human behavior, their patterns might change.”

He didn’t want to say too much about how exactly the filter works for fear of divulging information to bad actors.

“We use a combination of multistage analysis to really understand this malware inside and out,” Ferrate said.

The filter takes this analysis to Google’s computational infrastructure and applies it toward blocking the three malware families. Ferrate declined to say which browsers or operating systems are most affected by the three malware families. Google, of course, owns its own browser, Chrome.

“There are a variety of reasons I can’t divulge,” he said. “I can’t talk about other platforms or products.”


AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Exploit kits – which are the vehicles that install malware – primarily affect Windows users, said Jérôme Segura, a senior security researcher at Malwarebytes Labs, in a previous interview with AdExchanger.

“Not just those using the Internet Explorer browser – there are some for Firefox as well,” Segura said at the time. “But the vast majority of computers susceptible to being exploited are Windows computers with IE.”

Macs and mobile devices aren’t necessarily safe either, though often malware for those systems require social engineering to get the user to initiate a download, rather than starting it automatically.

“Malvertisers use what’s available from each platform,” Segura said. “And that evolves with new vulnerabilities that are found.”

Google’s Ferrate noted that the company is proactively studying and analyzing malware on an ongoing basis.

“Given that we’ve been in the ad fraud-fighting business for over 15 years,” he said, “this change-resistant filter was about innovating and automating.”

Must Read

Advertible Makes Its Case To SSPs For Running Native Channel Extensions

Companies like TripleLift that created the programmatic native category are now in their awkward tween years. Cue Advertible, a “native-as-a-service” programmatic vendor, as put by co-founder and CEO Tom Anderson.

Mozilla acquires Anonym

Mozilla Acquires Anonym, A Privacy Tech Startup Founded By Two Top Former Meta Execs

Two years after leaving Meta to launch their own privacy-focused ad measurement startup in 2022, Graham Mudd and Brad Smallwood have sold their company to Mozilla.

Nope, We Haven’t Hit Peak Retail Media Yet

The move from in-store to digital shopper marketing continues, as United Airlines, Costco, PayPal, Chase and Expedia make new retail media plays. Plus: what the DSP Madhive saw in advertising sales software company Frequence.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
Comic: Ad-ception

The New York Times And Instacart Integrate For Shoppable Recipes

The New York Times and Instacart are partnering for shoppable recipe videos.

Experian Enters The Third-Party Data Onboarding Business

Experian entered the third-party data onboarder market on Tuesday with a new product based on its Tapad acquisition.

Albertsons Takes Its First Steps Into Non-Endemic Advertising, Retail Media’s Next Frontier

Albertsons is taking that first step into non-endemic advertising next week via a partnership with Rokt to serve ads to people who have already purchased groceries.