Home Publishers Former Oath Execs Launch Startup To Fight Malware Before It Strikes

Former Oath Execs Launch Startup To Fight Malware Before It Strikes

SHARE:

Does the world need yet another tech company to combat malvertising on the internet?

“Well, do you still constantly see malvertising when you browse the internet?” said Seth Demsey, co-founder of Clean Creative, an anti-malware company started by a handful of security experts and Oath vets who exited before the name change.

Touché.

Based in Baltimore, Clean Creative came out of stealth on Tuesday with former Oath SVP of publisher platforms Matt Gillis as CEO, a roster of 30 publisher clients and 19 employees with plans to hire more throughout 2019. The team has been working on the technology for over a year.

Malware continues to plague the advertising ecosystem because common tactics like blacklists and creative scans aren’t up to the task, said Demsey, whose previous day job was chief technology officer of AOL/Verizon’s ads business.

Blocking known threats leads to a false sense of security. You’ve got to catch the unknown threats, and you’ve got to do it at scale, Demsey said.

“Otherwise, it’s always going to be that cat-and-mouse game, because you’re up against people who are highly motivated to keep doing this – it’s lucrative for them,” he said. “These guys just have to modify three characters of their code and they can get their exploits back out into the ecosystem again.”

Publishers add a line of JavaScript to their web page or app and Clean Creative monitors any code being executed in ads in real-time on live traffic to determine whether it’s doing something it shouldn’t, like triggering a popup or a redirect. The creative can still render – so the publisher can still get paid – but the malicious code is halted in its tracks. The code then gets classified and added into Clean Creative’s threat library.

In this way, the technology can automatically find and root out bad code it’s not specifically looking for and then block related threats in bulk rather than on a threat-by-threat basis.

“We found an exploit that attacked Vodafone cell phones, for example, but only on Android and only in the Facebook webview,” Demsey said. “We would never have found that or tested for that, but one day the system dinged and said, ‘Hey, take a look at this sucker.’”

Demsey said that the company’s detection technology comes across new forms of malvertising all the time, but he doesn’t like going into detail, at least not publicly.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

“Sometimes, honestly, I chuckle when I see some new exploit and think, ‘Well, that’s super-creative,’” Demsey said. “But we don’t want to open up new threat vectors by alerting someone who doesn’t happen to know about a new method already. We don’t want to make it any easier for people building these scripts.”

Because it’s certainly not easy out there for digital publishers trying to make a living.

“It’s so hard to build an audience, retain users, create great content, have an incredible user experience – but even if you do it, a bad guy can destroy all of that hard work with one simple malvertising campaign,” Gillis said. “And most users won’t say anything. It’s like a bad meal at a restaurant. They won’t tell you how bad it was – they’ll just leave and go elsewhere.”

Must Read

Comic: Gamechanger (Google lost the DOJ's search antitrust case)

DOJ v. Google: How Judge Brinkema Seems To Be Thinking After Week One

Where the DOJ v. Google ad tech antitrust trial stands after one week’s worth of remedies arguments.

Swish, A Company That's Bringing Programmatic to Product Sampling, Announces Seed Funding

Swish, a startup that partners with retailers to provide product full-size CPG samples to people doing their grocery shopping online, announces $2.3 million in seed funding.

DOJ v. Google: During Opening Arguments, The DOJ And Google Battle Over An AdX Divestiture

Court is back in session. And the fate of  the open internet is in the balance.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
Chris Mufarrige, director, Bureau of Consumer Protection, FTC

FTC Consumer Protection Chief: No Easy Answers On Privacy, ‘Only Trade-Offs’

Privacy isn’t black-and-white, says the FTC’s Chris Mufarrige, promising evidence-driven consumer protection cases under the Trump administration.

How Encryption Keys Could Resolve The TID Furor

Rather than sharing universal TIDs that any DSP or curator can access, Raptive says publishers should instead share encrypted TIDs with an encryption key provided only to trusted demand-side partners.

Clear Channel Brings Mid-Flight Measurement To Its OOH Network

Clear Channel will provide advertisers weekly, mid-flight reports on outcomes driven by its inventory in order to bring OOH measurement closer to the speed of digital.