Jump to content
  • Pirate Sites With Malicious Ads Face Restrictions Under New Initiative

    Karlston

    • 416 views
    • 6 minutes
     Share


    • 416 views
    • 6 minutes

    Led by companies including Amazon, Disney, Google, Meta and Spotify, a new initiative by the Trustworthy Accountability Group will produce a domain blocklist to deny ad revenue to pirate sites. The idea isn't new but here, intelligence on known pirate sites will be combined with data originally obtained by anti-malware vendors, meaning that potential advertisers will have another reason to avoid pirate sites when they expose users to malicious ads.

     

    There was a time when visiting a pirate site was much like visiting any other. Keen to attract eyeballs wherever they might be, many of the world’s biggest brands exchanged cold hard cash for an appearance on prominent pirate portals.

     

    Over time and as the thorny issue of funding illicit platforms gained traction, companies including Ford, Toyota, Nissan, Mazda and Volvo came under increasing pressure. The same held true for other household names, such as tech giant Samsung, along with Nokia, Canon, Carlsberg, even Coca Cola.

     

    These companies weren’t deliberately placing ads on pirate sites, but their ads kept turning up on them nonetheless.

    Goodbye Quality Brands

    As brand protection became increasingly important during the previous decade, companies such as White Bullet provided intelligence on which sites to avoid, with similar lists deployed to facilitate the work of the UK’s Infringing Website List, among others. In the United States, the formation of the Trustworthy Accountability Group (TAG) in 2015 saw advertisers and advertising agencies come together to clean up the system and prevent ad revenue from reaching pirate sites.

     

    TAG enjoys considerable support; Amazon, Disney, Google, Meta, NBC, Sky, and Spotify, among others, sit on TAG’s Leadership Council. Most were around in 2019 when TAG launched Project Brand Integrity, an initiative to prevent valuable brands’ advertising ending up next to potato-quality copies of Hollywood movies and other unauthorized content.

    Half a Decade Later, TAG Upgrades

    While TAG says that v1.0 has performed well, on Wednesday it announced Project Brand Integrity 2.0. More easily scalable than its predecessor, PBI 2.0 still aims to defund pirate sites and protect advertisers from undesirable associations. If all goes to plan, it will be quicker to react and more responsive to domain hopping too.

     

    “Project Brand Integrity 1.0 was incredibly effective but hard to scale, as it involved a time-consuming manual process of notifying advertisers when their ads were found on pirate sites,” says Mike Zaneis, CEO of TAG.

     

    “Although most advertisers took action when alerted to such misplacements, the money often had already changed hands, and the criminals quickly moved their efforts to new domains.”

    Excluded From Ads, Pirates Welcomed to Exclusion List

    Also receiving an upgrade is TAG’s database of pirate sites, which is shared within the industry to help advertisers avoid undesirable platforms. This ‘exclusion list’ is maintained and developed through intelligence sharing at TAG’s AdSec Threat Exchange, where members collaborate with participating companies, utilize open source resources, and share information on pirate domains.

     

    The resulting list aims to limit pirate sites’ access to advertisers, thereby reducing their ability to generate revenue from advertising.

    tag-pbi2.png

    “Through PBI 2.0, TAG will leverage new partnerships with the industry’s major ad tech intermediaries to cut off funding from pirate websites through a comprehensive pre-bid exclusion list, thus preventing pirate sites from monetizing stolen intellectual property (IP),” TAG says.

     

    “By incorporating real-time intelligence on new pirate domains from TAG’s Ad Sec Threat Exchange and TAG member companies, PBI 2.0 will protect brands while preventing ad dollars from reaching those illegitimate sites.”

    Malvertising Everywhere

    In an interview with EMA last December, Michael Lydon, TAG’s Vice President of Threat Intelligence, spoke of the constant battle against malvertising, a portmanteau of ‘malware’ and ‘advertising.’ Scam ads, auto-redirections, cloaking, and drive-by downloads all received a mention. Not exclusively in connection with pirate sites, though, the problem is much broader than that.

     

    Given the nature of this pervasive adversary, TAG’s v2.0 exclusion list will also combine data originally collected by anti-malware vendors, with the intelligence providing an enhanced view of pirate sites that combine free downloads with malicious or deceptive ads. Once that information is placed in the hands of advertisers, it’s hoped that having two reasons not to fund pirate sites will be better than having just one.

    Proactively Eliminating Malvertising

    What kind of effect the project will have at the consumer end is unclear. One of the great ironies of the pirate site/malware debate is that by driving trusted advertisers away, anti-piracy groups not only removed revenue but also opened up the market for less inhibited advertising agencies to do more business with pirate sites.

     

    Lower ad rates made available to pirate sites with fewer opportunities elsewhere, can lead to an elevated chance of risky ads, on web-based portals in particular. Since TAG’s system will only make things worse and the rest of the internet isn’t getting any better, some sites may need to be tackled more directly.

     

    The good news is that plenty of solutions for disappearing bad ads, malvertising, endless trackers, and other stuff some sites just can’t get enough of, are readily available for free. Since they don’t discriminate, they’re just as happy removing all hot girls in your area to the 80 advertising partners imposed on visitors by too many mainstream sites.

    quad9.png

    For those really averse to abusive advertising, moving away from ISP-provided DNS to Quad9’s threat-blocking alternative is a good start.

     

    For the more adventurous, a self-hosted DNS server like Pi-Hole, loaded with various hand-picked blocking lists, is something that few people think they need. At least until they see how even seemingly regular ads, not to mention things like smart TVs, can really abuse their trust.

    pi-hole.png

    Finally, uBlock Origin on top is an essential for every browser, and if all goes to plan, malvertising will be a thing of the past. Then, working from a nice clean sheet, unblocking the sites worthy of support seems the way to go, while enjoying the internet all over again.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...