Incidences of malicious auto-redirects have been increasing over the last year, and in the last several months, GeoEdge has uncovered seven new and different families of redirect attacks targeting leading publishers. The payloads for these attacks include click-fraud, tech support scams, and malicious installations.
One example of these new families of redirect attacks is Hidden Auto-Redirects, which are developed with an underlying mechanism for mobile click fraud. The redirect opens invisible iframes, and unbeknownst to the user, goes on its own delivery path, serving and clicking on ads automatically.
As the name implies, this type of redirect does not affect the user experience and remains under the radar, yet the estimated damages to the industry from these hidden mobile redirect campaigns are $920 million dollars.
In the report, “The Battle Against Auto-Redirects: Saving Publishers and Advertisers $1.13 Annually”, we discuss this discovery in addition to examining the evasive tactics and history of auto-redirects.
Auto-redirects are by far the most used scheme to disseminate malvertising today, leading the pack at a 48% majority.At 72%, the mobile device is the current vehicle of choice for auto-redirects.One hidden redirect attack was revealed to host a whitelist of hundreds of domains – including premium publishers such as Reuters, NBC, and Forbes – where the attack would be triggered.
The hidden redirect’s malicious script was programmed to execute mobile click fraud, opening numerous invisible frames and executing fraudulent clicks.The attacks are not localized to one specific location, but in fact are widespread and global.