Resource Library

Explore the issues that matter most in the programmatic ecosystem

Buyersdotjson Whitepaper-01

The Urgent Need for Buyers.json

To eradicate malvertising, publishers and SSPs need a solution that will increase buy-side transparency and help identify bad actors across all access points at once.

Subscribe to our newsletter

Read by premium publishers like The Guardian, Gannett, and CBSi to stay ahead of issues and improve web and ad experiences. 

Top Posts

Top Posts
malware

The Difference Between Malvertising and Ad Fraud (And Why It Matters)

The terms are sometimes used interchangeably, but they mean very different things, and refer to very different targets. 

malicious-code-img


4 Reasons Malvertisers are Some of the Most Sophisticated Advertisers

It will come as no surprise to digital publishers that in 2020 ad blockers remain a top cause of revenue loss. 

Misleading Claims 2-01


The Scourge of Misleading Claims

Review Confiant's new protection against ads with Misleading Claims 

Browse The Library

Want to go deep on a subject? We've got you covered.

Popular terms

ssps active threat groups quality security suitability dsps publishers

Blog

Learn more about our vision, philosophy, and offering

Case Study: Learn how Smart achieved 99% secure ads

With Confiant partnership in providing ad security and protection, Smart further strengthened and improved adops processes to reach a world-class 99.9% of ad-secure revenue, almost eradicating security threats on Smart’s marketplace.

Confiant Now Covers Native Ads

Confiant gives you back control over the native ads served on your site. We've expanded Confiant coverage to include On-Page Native Ads. 

#DataPrivacyDay: Our Roundup of MUST-READs on Privacy

If you were on Linkedin at all yesterday, you probably noticed that January 28th is #DataPrivacyDay (if you didn’t already know, now you know) . 

Confiant detection & blocking misleading claims: What is it & why it matters

2020 has seen the rise of a specific type of malvertising that is less reliant on previous tactics such as forced redirects to phishing malware pages. While not new, the approach of using misleading imagery, language, and cloaked landing page domains has become more common.

Malvertising activity in November

This blog post series recaps some of the large attacks Confiant observed and prevented during November, identifying the threat groups involved, and some of the tactics currently in use. 

Malvertising activity in September

This blog post will recap some of the large attacks Confiant observed and prevented during September, identifying the threat groups involved, and some of the tactics currently in use.

FizzCore: A Growing Threat to Publishers’ Revenue and Audiences

Threat actors are malicious entities responsible for organizing and executing attacks that compromise the data of an individual or organization. In the world of programmatic advertising and digital publishing, new threat actors continuously emerge armed with advanced techniques and tactics to compromise data.

SSPs aren't created equally: Insights into which SSPs drove the most problematic impressions in Q2, 2020

As the programmatic landscape continues to evolve post-COVID, we take a look back at last quarter (Q2) to understand how supply-side platforms (SSPs) are performing when it comes to ad quality.

The Evolution of Malvertising and its Impact on the Future of Publishing

Malicious advertising, also known as malvertising, is a common and highly-profitable security threat involving the publication of malicious ads through legitimate online publishing platforms.

A Publisher’s Guide to Evaluating Ad Security and Ad Quality Solutions

Digital publishers seemingly face a dilemma between protecting their audiences from malicious, disruptive, and offensive ads, or having to sacrifice revenue by ruthlessly cutting sources of low-quality demand.

The Difference Between Malvertising and Ad Fraud (And Why It Matters)

The terms are sometimes used interchangeably, but they mean very different things, and refer to very different targets.

Publishers are Worried About Political Ads this Election Season

Online political advertising is exploding. Back in 2008, candidates spent a meager $22.25 million on online political ads, but by 2016 that number had grown to $1.4 billion.

What ad quality issues do top publishers care about?

It’s tempting to write off malvertisers as simply an annoyance or unsophisticated criminals, but nothing could be further from the truth.

4 Reasons Malvertisers are Some of the Most Sophisticated Advertisers

It will come as no surprise to digital publishers that in 2020 ad blockers remain a top cause of revenue loss. Users are installing ad blockers at an alarming rate.

Stopping wapSiphone: A Malvertising Threat to Mobile Devices

Threat actors are always developing creative new ways to circumvent obstacles that block their access to user data, resulting in a rapidly evolving threat landscape that targets both mobile and desktop environments.

Why fighting malvertising requires a multi-layered approach

Malvertisers work tirelessly to exploit the fragmented nature of the digital ad ecosystem, yet bad ads are often downplayed as just a publisher or user issue.

Gain more control over your ad experience with Brand & Category Controls (Beta)

We’re excited to announce the beta release of Confiant’s Brand and Category Controls, the latest advance in our mission to put publishers back in control over their ad experience.

Success Story: How Complex Media prevents revenue & user disruption by controlling the Ad experience

Complex Media is a multimedia platform and online community that publishes premium content around pop culture. With over 120 million people engaging with their content, providing a premium user & ad experience is a top priority.

Top performing SSPs in Q1 2020?

In this blog post, we’ll dive a bit deeper into the supply chain and look into the SSPs that were impacted with problematic ads in Q1.

Worried about GDPR and CCPA? Don’t Overlook the Malvertising Threat.

Are you’re a publisher who’s made major changes in the wake of new regulations and new anxieties about data privacy? Good work, but I have unfortunate news to share. You may not be doing enough.

Ad Security Issues In July

Recap of ad security issues for the month of July 2020.

Insights into vulnerabilities in Q1 2020

Learn about 3 characteristics of a malvertising attack: What countries did the campaign target, which platforms and OS were most vulnerable, and what site categories are malvertisers most interested in.

Forced redirects now. What's next?

There is a new malvertising attack on the rise that leverages a well-known threat actors technique by a group we've been tracking, called FizzCore.

See More

Research

Read about our latest research and findings around malvertising and threat groups.

Tag Barnakle One Year Later: 120+ More Revive Adserver Hacks

In the last 12 months, we've identified over 120 revive instances that bear attribution markers of Tag Barnakle, a threat actor whose specialty is the mass compromise of Revive Adserver instances. 

Malvertiser “ScamClub” Bypasses Iframe Sandboxing With postMessage() Shenanigans [CVE-2021–1801]

Our Sr. Security Engineer Eliya dives into the mechanics of a long tail iframe sandbox bypass found in a payload belonging to the persistent malvertising attacker that we call ScamClub. 

Malvertiser: Made in China

In this article, we present eGobbler and their doppelganger Nephos7, two loosely relayed cybercrime groups. Our research team dives into their origins and what made them successful over time.

Persistent malvertising attacker DCCBoost raged as the year faded

500k malicious ads served the week leading up to new years eve, over 25MM since.

Tag Barnakle: The Malvertiser That Hacks Revive Ad Servers, Redirects Victims To Malware

Uncover the details behind one such ongoing malvertising campaign that is perpetrated by an attacker via mass compromise of Revive Adserver instances.

Confiant & Protected Media Uncover Mobile Billing Malvertiser Dubbed 'wapSiphone'

There is a new malvertising threat actor that leverages media buys in order to collect the MSISDNs of their victims for further exploitation in a WAP billing scheme.

Malvertising, Site Compromise, and a Status Report On Drive-by Downloads

Explore the details behind a recent spree of website hacks and the malicious payloads that were embedded and served to unwitting victims.

Internet Explorer CVE-2019-1367 Exploitation - Prelude

An introduction to CVE-2019-1367's background and in-the-wild exploitations.

Internet Explorer CVE-2019-1367 Exploitation - Part I

In this section, we will review how to extract the exploit from the pcaps generously provided by malware-traffic-analysis.

Internet Explorer CVE-2019-1367 Exploitation - Part II

Explore the exploits we found in the wild used by both Magnitude Exploit Kit and DarkHotel APT.

Internet Explorer CVE-2019-1367 Exploitation - Part III

Shellcode analysis for Internet Explorer CVE-2019-1367 exploitation.

Browlock Malvertisers Abuse Unaddressed Denial-of-Service Bugs That Sit Dormant for Years

This blog will dissect a tech support scam that we caught on a major publisher running via native-style ads.

The Trend of Client-Side Fingerprinting in Cloaked Landing Pages

Examine the client-side aspect of cloaking in non auto-redirect based malvertising chains.

Persistent Malvertising Attacker DCCBoost Raged as the Year Faded

500k malicious ads served the week leading up to New Years Eve and there have been over 25MM since.

See More

News

Read about our latest research and findings around malvertising and threat groups.

Smart AdServer achieves top ranking in "Most Secure Ad Platform" of 2020 According to Recent Analysis by Confiant

Global Independent Adtech Platform Credits Advanced Ad Security Technology and Strict New Client Standards.

Confiant Launches New Native Ad Verification Solution

Confiant Elevates Protection against Malvertising to include On-Page Native Ad Monitoring.

Malvertising Ads Sophistication to Disruption

A malvertiser that was present on Microsoft services in France affecting Windows 10 desktops.

Group Behind Windows 10 App Malvertising Pushed 100M Ads in 2019

This group is behind millions of advertisements that redirect users to scams, malware, and adware bundles.

Malvertising Campaign Reaches 100M Ads, Manipulates Supply Chain

A sophisticated and growing malvertising attacker is partnering with legitimate ad tech platforms to drop malware at scale.

What is digital steganography?

A highly creative way to hide information.

1 Out Of Every 100 Online Advertisements is Infected With Malvertising

On almost every fifth internet site there exists the risk of coming in contact with Malvertisting

Confiant Secures $4.1M For its Ad Security Solution

Confiant’s made strategic use of venture debt during its growth, which allowed us to maintain our growth rates without giving up control.

Malicious and disruptive ads have decreased from last year: report

This is Confiant’s fourth report and the first time we have access to year-over-year data

Malicious and Disruptive Ads Account for 1 in Every 100 Impressions

These insights and others from the report strongly suggest that publishers need to carefully consider what SSPs they choose to work with

Malvertising Found In 1 In Every 100 Ad Impressions

Amid all of the headlines about ad fraud comes some reasonably good news, for a change

Study: 1 in 100 ad impressions come from malicious source

About 1 in 100 ad impressions comes from a malicious or disruptive ad

Confiant Shows Malicious and Disruptive Ads Affecting Impression Rates

Confiant observed a substantial decrease in the violation rates from Q4 2018 to Q1 2019

Ad security firm Confiant raises $4.1m to fight against ad fraud

Confiant is the first company to address this issue holistically and make media safe for publishers and consumers

Confiant Raises $4.1 M to Enhance Advertising Platform

Led by River Bay Investments, Capital Infusion Will Accelerate Confiant’s Growth and Product Innovation

The AlleyWatch Startup Daily Funding Report: 5/2/2019

The latest venture capital seed and angel deals for NYC startups

eGOBBLER iOS Malvertising Campaign Uses Chrome Zero-Day

Right away we were surprised to find that the payload’s main session hijacking mechanism was pop-up based

Over 500 Million Chrome iOS Sessions Hijacked in Malvertising Campaign

Confiant has spotted the known threat actor eGobbler back in action

Confiant Secures $4.1M For its Ad Security Solution

Confiant, an advertising security company announces it has raised a Series A $4.1M to stop malicious activity in programmatic advertising

Confiant Built To Keep Publishers And Consumers Safe From Ad Malware

Confiant's mission is to tackle advertising security as criminals have hijacked the digital advertising ecosystem.

Security Concerns Regarding Malvertising are High, Despite Reduction of Bad Ads

Credible publishers who depend on ads to generate revenue online surely understand how troubling the malvertising issue can be.

A Tech Monopoly That Elizabeth Warren Could Love?

LD Mangin, the CEO of Confiant, says it’d be best for his clients if his company was a public utility. You know - the good kind of monopoly.

Malvertising is on the decline but serious security issues remain

One in every 250 ad impressions are still problematic, research suggests

macOS users targeted with new Tarmac malware

This malvertising campaign distributing the Shlayer+Tarmac combo started in January this year, according to Taha Karim, a security researcher at Confiant

Surge of malicious ads target iOS and macOS users

By exploiting zero-day vulnerabilities in Chrome and Safari, cybercriminals were able to serve over 1bn malicious ads to users

Malvertising Attack Hijacks 1B+ Sessions With Webkit Exploit

The eGobbler threat actor is back with a new malvertising campaign that has hijacked more than 1 billion sessions

Malvertiser exploited 2 browser bugs to show 1 billion malicious ads

eGobbler exploits bugs in Chrome for iOS, Chrome, and Safari for desktop to show popup ads and redirect users to malicious sites

Webkit zero-day exploit besieges Mac & iOS with malvertising redirects

Flaw rendered ad-sandboxing protections 'entirely useless', researchers say.

iPhone Users Warned To Update As 1.1 Billion Attack Is Confirmed

I first wrote about eGobbler, the prolific threat actor behind malvertising campaigns with a history of compromising adverts in their hundreds of millions in a matter of hours, on April 17, 2019.

EGobbler Malvertising Campaign Targets Safari & Chrome Users

Attackers exploited a zero-day vulnerability in Chrome and Safari web browsers and served up more than 1 billion malicious ads to users between August and September 2019, said security firm Confiant.

eGobbler Malvertiser Uses WebKit Exploit to Infect Over 1 Billion Ads

Roughly 1.16 billion ad impressions have been hijacked in a malvertising campaign operated by a threat group dubbed eGobbler to redirect potential victims to malicious payloads, between August 1 and September 23, 2019.

Malicious Ads and In-Banner Video Hit Lowest Rates Since Early 2018

Confiant, the leader and innovator in advertising security, released its Demand Quality Report for Q2 2019. The report shows steady progress in reducing the scourge of bad ads, with the lowest rates of malicious and In-Banner video ads observed since early 2018.

Healthcare – Fighting the Cyber Infection Epidemic

For most, cyber-security is not the first item that comes to mind when thinking about healthcare. Malicious hackers, however, target rich sources of data, and healthcare organizations collect and store a plethora of high-value personal, medical and financial information for large portions of the population.

Microsoft apps infected in major malvertising campaign

Security researchers at Confiant have uncovered a wide-ranging malvertising campaign that has been targeting apps and services from Microsoft over the past few months, bombarding users with unwanted adverts.

Hong Kong Malvertiser Runs Malicious Tech Ads In Microsoft Apps

A malvertiser has been pushing malicious tech support scam ads to users of Outlook, and other Microsoft owned apps in Windows 10. A cybersecurity study discovered that a Hong Kong-based hacker, known to operate the modus, has been part of a company called “fiber-ads.”

Hong Kong malvertiser blamed for ads that invaded Microsoft apps

A suspect based in Hong Kong is believed to be the main culprit behind a wave of malicious ads that have invaded Microsoft apps and services over the past few months.

App Malvertising Group behind Windows 10 Pushed 100 M Ads in 2019

A group based in Hong Kong has been identified behind the recent outbreaks of malicious ads via Windows 10 apps and Microsoft games. This group is behind millions of ads that forward users to bundles of scams, malware and adware.

How Confiant Is Protecting Publishers And Consumers From Malvertising

Confiant, a New York-based company that protects the reputation and revenue of digital publishers with anti-malware that stays ahead of malicious actors, announced it has raised $4.1 million in Series A funding led by River Bay Investments and Rubicon Venture Capital.

High-volume eGobbler malvertising attack exploits zero-day Chrome bug

A malicious actor has been leveraging a Google Chrome browser exploit to deliver malvertisements to iOS users, including a campaign during which 500 million user sessions were exposed to a session hijacking attack.

PubForum Spotlight: We’ve Always Been At War With Bad Ads

The issue of low-quality digital ads is as old as digital advertising itself. Those early ads soon brought malware and fraud with them, followed by the appearance of ad blockers in their earliest form.

Malvertising Levels Down In 2019; IBVs Petering Out

In 2019, one in every 150 digital ad impressions was dangerous or disruptive to the viewer, according to Confiant’s just-released Demand Quality Report for the fourth quarter and full-year 2019.

Malvertising in Govt, Enterprise Targets Old Software, Macs

A new report on malicious advertising underscores the importance of using modern web browsers and making sure your operating system is up to date with the latest security updates to prevent being infected.

WOOF locker: Unmasking the browser locker behind a tech support scam

In the early days, practically all tech support scammers would get their own leads by doing some amateur SEO poisoning and keyword stuffing on YouTube and other social media sites. Today, we are seeing more advanced operations.

‘Tarmac’ malware hits Mac computers through malvertising

Mac computers are thought to be one of the most secure personal computers in the market. However, a new malware has proved contrary to the claim after researchers have found a malvertising strain that infects Mac devices – it’s called Tarmac.

Almost 60% Of Malicious Ads Come from Three Ad Providers

In Confiant's "Demand Quality Report for Q3 2019", the ad fraud and security company analyzed 120 billion ad impressions that flowed through their systems in order to provide a breakdown of different malicious ad campaigns.

Programmatic Check: Malicious And In-Banner Video Ads Drop In Q2

Amid all of the headlines about ad fraud comes some reasonably good news, for a change: Both malicious ads and surreptitious in-banner video ads were down significantly in 2019 Q2.

Windows 10 Users Warned Of 100M Advert Bombs Security Threat

Security researchers have uncovered a security threat that's seen users of Windows 10 desktop apps served up with malicious adverts pushing everything from tech support scams to fake antivirus malware.

61% of malicious ads target Windows users

Most malvertising campaigns (malicious ads) target Windows users, according to statistics shared last week by cyber-security firm Devcon.

Louis-David Mangin, CEO & Co-founder of Confiant on Digital Ad Quality

Consumers of digital content have long been plagued by the "bad ad" — bad ad being a placeholder for many ills caused by less than ideal actors within the digital media space.

Numerous Sites Leak User E-Mails to Advertising Analytics Services

Multiple online services and products are leaking email data belonging to their users to third-party advertising and analytics companies, shows a research published today.

Hacking Group Targets Companies Using Revive Ad Serving Platform

A hacking group is targeting companies using the self-hosted ad serving platform Revive to inject and deliver malicious advertising to website visitors.

Hackers Have Breached 60 Ad Servers to Load Their Own Malicious Ads

A mysterious hacker group has been taking over ad servers for the past nine months in order to insert malicious ads into their ad inventory, ads that redirect users to malware download sites.

Revive Ad Servers Being Hacked to Distribute Malicious Ads

The Tag Barnakle malvertising group is hacking into Revive ad servers to inject and deliver malicious advertisements on unwary visitors.

See More

Downloadable Content

Read about our latest research and findings around malvertising and threat groups.

The Urgent Need for Buyers.json

To eradicate malvertising, publishers and SSPs need a solution that will increase buy-side transparency and help identify bad actors across all access points at once.

Malvertising & Ad Quality in 2020

Improve your user experience, user trust, & prevent revenue disruption by knowing what's happening within the programmatic ecosystem with our Demand Quality Report. 

Case Study: How Fandom Enhanced Ad Security with Confiant

Download the case study for more detail about how Confiant helped this publisher save $1,760 per month fixing ad issues, protected vital revenue streams, and increased ad blocking efficacy.

See More