Malvertising - we have only seen the beginning

isotopp image Kristian Köhntopp -
March 21, 2017
a featured image has an article (in German) in which they are interviewing IT-Security Consultant Thorsten Schröder on Adblockers, wasted capped mobile bandwidth and Malvertising. : Neben dem Schutz vor Malware, welche weiteren Gründe für die Nutzung von Adblockern findest Du wichtig?

Thorsten Schröder : Wenn wir als Malware all das klassifizieren, was Nutzer ausspioniert, täuscht, kompromittiert oder finanziell schädigt, haben wir im Grunde schon mal eine ganze Reihe an Gründen abgehakt. Nutzer müssen die Möglichkeit haben, selbstbestimmt das Schutzniveau ihres Computers bestimmen zu dürfen. Hat die Bundesregierung vielleicht mal das Bundesamt für Sicherheit in der Informationstechnik (BSI) gefragt? Es wäre eine gute Gelegenheit für das BSI, zu zeigen, was es drauf hat.

» Besides the protection against malware, what other reasons for using Adblockers are important to you?

Thorsten Schröder: If we classify things as malware which spy on users, deceive them, compromise them or harm them financially, we have in principle covered all reasons. Users you have the right to determine the level of protection their computers need. Did our administration ask their Bundesamt für Sicherheit in der Informationstechnik (BSI)? It would be a good opportunity for the BSI to show what they can do.«

The article goes on to discuss numbers and percentages. That is actually not helpful. The numbers stated are by construction too low, and that can not be helped. Also, the numbers are ultimately irrelevant, because Malvertisements are not distributed randomly and evenly. The point being that Ad-Networks generate their value not only from the raw number of eyeballs reached, but quite a lot comes from being able to reach the right kind of eyeballs. The better the Ad-Network, the better their targetting. 10.000 drive-by impressions are worth quite a lot more when I can make sure that all 10.000 of them hit explotable XP/MSIE 6 combos, even if the relative number of installations left in world with these characteristics is quite low.

And 10.000 impressions for ads containing this or that scam are worth a lot more, when I can select an audience for these 10.000 expressions that is badly educated, old or otherwise wrangling to stay on top of this Internet thing and thus more likely to fall for it.

Targeted advertising and Malware Distribution are a match made in hell, they amplify each other synergetically. This is an effect we need to push more to the front of this discussion. Content Sites are responsible for the ads integrated into their content and shown “as their own”. Ad Networks are responsible for the way the selectors they offer are being used.

The German construct of Störerhaftung works in all directions, not just against private Wi-Fi offerings.