Google’s research on ad injecting malware shows millions of its visitors are affected

Google’s research on ad injecting malware shows millions of its visitors are affected

Ad injectors – unwanted software that insert new ads or replace the ones already there – have plagued the internet for many a year, but Google wants to show us just how pervasive they are.

Today the company released details from a study performed in a partnership with UC Berkley and Santa Barbara that revealed some pretty incriminating numbers.

According to Google, as many as 5.5 percent of unique IP addresses (amount to “millions of users”) visiting Google pages included injected ads. Approximately 5.1% of these were on Windows and 3.4 percent were on Mac.

These can come from a variety of sources. Researchers found that more than 50,000 browser extensions and 34,000 software apps took control of browsers in some form to inject ads – up to 30 percent of these stole account credentials, hijacked searches or reported user activity to third parties.

Remember that Superfish software that caused Lenovo a whole bunch of PR trouble back in February? Well, though Lenovo made strides to remove it from computers, Superfish clearly made its mark, with the software showing up in 3.9 percent of Google views. Though Superfish may not inject the ads itself, it provides the library of advertising partners for malware to use.

Google says this all leads to over 3,000 paying advertisers – including Sears, Walmart, Target and Ebay – seeing their ads replaced by unauthorized parties. Often, these companies aren’t aware something is amiss, as advertisers can’t usually tell when malicious software is on your computer.

Google has taken measures to combat ad injectors as a result of its research. For instanc, the company removed 192 Chrome extensions – affecting approximately 14 million users – from the Chrome Web Store. It’s also improved its tools to flag unwanted software, while informing advertisers who may be affected by the scams.

You can read the full study at Google’s research page.

New Research: The Ad Injection Economy [Google Online Security Blog]

Read next: Tim Cook must be so frustrated right now...