Ad blockers might seem like an unlikely defense in the fight against spyware, but new reporting casts fresh light on how spyware makers are weaponizing online ads to allow governments to conduct surveillance.
Spyware makers are reportedly capable of locating and stealthily infecting specific targets with spyware using banner ads.
One of the startups that worked on an ad-based spyware infection system is Intellexa, a European company that develops the Predator spyware. Predator is able to access the full contents of a target’s phone in real time.
According to documents seen by Israeli news outlet Haaretz, Intellexa presented a proof-of-concept system in 2022 called Aladdin that enabled the planting of phone spyware through online ads. The documents included a demo of the Aladdin system with technical explanations on how the spyware infects its targets and examples of malicious ads: by “seemingly targeting graphic designers and activists with job offers, through which the spyware will be introduced to their device,” Haaretz reported.
It’s unclear if Aladdin was fully developed or was sold to government customers.
Another private Israeli company called Insanet succeeded in developing an ad-based infection system capable of locating an individual within an advertising network, Haaretz revealed last year.
Online ads help website owners, including this one, generate revenue. But online ad exchanges can be abused to push malicious code to a target’s device.
Delivering malware through malicious ads, often referred to as malvertising, works by injecting malicious code into the ads displayed on websites on computer and phone browsers. Much of these attacks rely on some interaction with the victim, such as tapping a link or opening a malicious file.
But the global ubiquity of online advertising vastly increases the reach that government customers have to target individuals — including their critics — with stealthy spyware.
While no phone or computer can ever be completely unhackable, ad blockers can be effective in stopping malvertising and ad-based malware before it ever hits the browser.
Ad blockers — as the name suggests — prevent ads from displaying in web browsers. Ad blockers don’t just hide the ads, but also block the underlying website from loading the ads to begin with. That’s also good for privacy, since it means ad exchanges cannot use tracking code to see which sites users visit as they browse the web. Ad-blocking software is available for phones, as well.
Security experts have long advised using an ad blocker to prevent malvertising attacks. In 2022, the FBI said in a public service announcement to use an ad blocker as an online safety precaution.
“Everyone should block ads,” tweeted John Scott-Railton, a Citizen Lab senior researcher who has investigated government spyware, in response to the Haaretz report. “It’s a matter of safety.”
Comment