Know Your MalwareProtect Yourself

Amnon SievCEO, Geoedge

GEOEDGE CONFIDENTIAL 1

GEOEDGE CONFIDENTIAL 2

OnlineAd Verification

MobileAd Verification

VideoAd Verification

GeoEdge is the leading Ad Verification providerfor the Mobile and Online advertising ecosystem

Our Mission: To ensure a Safe, Clean and Engaging User Experience

New Offer!

Customers

• Over 700 customers worldwide

• Partnering with leading Ad Platforms

3GEOEDGE CONFIDENTIAL

The Real Cost of Malware

GEOEDGE CONFIDENTIAL 4

Direct CostsPoor User Experience

Long Term Impact

Cost to Publisher

Impact on User

5

Two levels:

1. User is warned

2. User is infected

GEOEDGE CONFIDENTIAL

Ransom Viruses

Bad User Experience Without Malware

6

An holistic view of the user’s experience

GEOEDGE CONFIDENTIAL

Auto-redirects

Drive By File downloads

Post click File Downloads

Java script errors

Phishing scams

Deceptive offers

Mobile Redirect

GEOEDGE CONFIDENTIAL 7

1 Use App

See Banner2

Automatically Leaves App…and a new window is opened!

3

Direct Costs

8

GEOEDGE CONFIDENTIAL

Operational challenge to track & block campaigns

Brand Reputation & Bad Publicity

1

2

Demand Partner blocked

Legal exposure

3

4

Long Term Impact On Your Business

Ad injections - hijack your traffic cutting right into your bottom line

Domain spoofing - your name is used to sell fake traffic - you can be black listed

Often users are not aware they have

been infected

9

Long Term Impact On Your Ecosystem

10

Botnet for traffic and click fraud - malware that allows the hackers to create “real” traffic/clicks from the user machine

This may happening on your site!

“Traffic fraud is only a problem for advertiser …”

ANA Report – December 2014

11

Advertisers lose faith in Premium publisher traffic!

1. CPM goes down as Advertisers factor into account fake traffic (23% of video ads traffic is not human)

2. Complicate contracts with advertisers

BIG PICTURE

12

I’m not at risk…

Common misconceptions

GEOEDGE CONFIDENTIAL

Misconception #1: Manual pre-lunch checks

Hacker buys ad space on your site

Campaign is launched

User accesses your siteFrom: FranceBrowser: IE Time: 2 PMInfected: No

User accesses your siteFrom: CanadaBrowser: ChromeTime: 1 AMInfected: Yes

Hacker injects malicious code targeting a specific user segment

Malware attacks are dynamic and usually starts after the campaign go live.

Manual check is meaningless as malware will probably target specific user segment

Malware!

Misconception #2: Ad server protection

14

I’m protected because I’m using my ad server malware detection

GEOEDGE CONFIDENTIAL

MA

LWA

RE

Ad server protection limitation

15

3rd Party Ad servers

Tag

`

Tag

Tag

Tag

Publishers Ad Server

Nuclear Exploit Kit landing page

Ad server protection limitation - example

GEOEDGE CONFIDENTIAL 16

September 2014: Last.fm & Jerusalem Post attack via Double Click that called Zedo

Pubads.g.doubleclick.net

d3.zedo.com/jsc/d3/fo.js (compromised)

Static.the-button.com/d2.php

[string].wiab-service.se/geobalance/geo2.php

Misconception #3: Direct Campaigns

17

I’m protected because I’m serving campaigns directly from my in house platform

GEOEDGE CONFIDENTIAL

Landing page – post click attacks are more common than pre click!

You are exposed via other 3rd party code on your site

Your infrastructure could be hacked

Misconception #4: Trusted Demand Partners

18

I’m protected because I trust my demand-partners protection

GEOEDGE CONFIDENTIAL

Demand-partner’s protection is limited

Protection systems are based on scans – your traffic is a small portion of their traffic and scanned accordingly.

Many malware attacks come through reputable demand partners and SSPs: Jan 2015 – AOL: Drive-by malware downloads to the Huffington Post, GameZone, LA Weekly,

So What Can Be Done?

19

1. Use proactive protection

2. Understand the implications for users. It’s not enough just to know that there was an attack

3. Find the infected campaign – HOW?

4. Track the bad player – of all the mediators who could be responsible

5. Block Campaign

GEOEDGE CONFIDENTIAL

Holistic view of the user’s experience

Full transparency

Detection AND recommendation

Pinpoint malicious source

Multi-format protection

New VIDEO verification

Super exciting NEWs from GeoEdge

20

First ad verification service that will provide TRUE transparency and verification for Video Ads!

Video Malware Protection

Protect against bad user experience

• Auto play with/out sound

• Ad length / size

Protect Publisher Video Revenues

• Identify player inside banner

GEOEDGE CONFIDENTIAL

21

w w w. g e o e d g e . c o m

GEOEDGE CONFIDENTIAL