Security Researchers from ICEBRG have discovered 4 Chrome Extensions with malware code that was available through the Chrome Web Store. The malicious code allowed attackers to send commands to a users’ browser and used this for clickfraud. Alex Calic, Chief Strategy and Revenue Officer commented below.
Alex Calic, Chief Strategy and Revenue Officer:
“The digital ecosystem is fertile ground for bad actors. Click fraud remains a serious issue in the digital advertising ecosystem, one which the Ads.txt and other industry initiatives attempt to solve. But these initiatives only address the symptom, not the larger root of the problem which is the lack of transparency in the digital advertising supply chain. Knowing every entity executing in a website’s digital environment is critical to defining allowable behavior and enforcing compliance. It’s incumbent upon every participant–advertiser, ad/martech and publisher–to develop and strictly enforce creative/content quality policies, minimize tracking activity, and ensure a safer, malware-free experience.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.