Sep 14, 2018

Anatomy of a Video Stuffing Ad

A recent Ad Lightning study indicated that nearly a third —28% of all Internet ads — are ‘bad ads,’ meaning they are oversized, malicious, offensive or non-compliant with IAB standards or publisher specific ad policies.  The full survey is available here.

With that said, when you lift up the hood, what, exactly, does a bad ad look like? The screenshot below is a great example of an ad gone wrong — completely unbeknownst to the advertiser — that would cause notable interruption to the user experience and become a major headache for a publisher.

So let’s break it down— below is the anatomy of this bad ad:

Ad Requests, Video Stuffing & Malware

There are a whopping 837 requests are embedded in this one ad.  The IAB standard for LEAN ads, or ads that offer a “lightweight user experience to maximize initial page load performance” among other guidelines, is 10 file requests per ad.  Even when factoring in more requests to enable a programmatic transaction, anything over 150 is highly suspicious. 

In this case, when looking more closely at these requests it appears that one of the calls is actually loading a video player. 

Within the video player, we can then see that a secondary pre-roll auction is taking place behind the static ad that was displayed on page load.  The auction is driving up the number of requests fired from the ad.  You can see that a lot of legitimate players are unknowningly getting caught up in the mix!

Ad Lightning has extracted a specific signature (unique ad identifier) that is responsible for this behavior.  That signature, b=e97530f114336b11bsw, was categorized as malware in a previous scan and is being flagged as known in this report.

File Size & Ad Payload

With all of the resources it's taking to load this particular creative, the ad payload has exceeded the recommended IAB spec for initial load and total load.  At 1.61MB, the user experience is likely to be impacted significantly.  The ad image itself isn't too far out of spec, however — with the addition of the player alone — the file size is doubled. 

Data Collection

With multiple video auctions taking place within the ad, it's no surprise that over 564 cookies were dropped from over 35 data collectors. In addition to driving latency, this can be problematic for two reasons:

  • Data leakage:  Unknown or unapproved entities can steal valuable audience data and use that to build audiences that are off property.
  • GDPR & other data regulations: It's critical that users in the EU consent to each entity collecting data. If unapproved collectors are identified, there are significant financial consequences for the publisher. 

This deep dive into one bad ad illustrates how easy it is for the user experience to go off the rails and why advertisers, publishers and users alike are fed up. It’s time to take a scalpel to the influx of bad ads that are the scourge of every digital publisher trying to provide quality journalism and other important content to their loyal readers.   Let Ad Lightning help you identify and block nefarious ads on your properties — give us a call today.

Read More

Sep 10, 2018

“Blockers Alone Won't Cure Malvertising Woes?”

The Media Trust Analysis versus Ad Lightning’s

An article titled “Blockers Alone Won't Cure Malvertising Woes” that appeared in InfoSecurity Magazine last week was both interesting and also a bit surprising to me.

The piece describes how “cybercriminals have found new ways to bypass blocker defense solutions and execute their malicious code,” and cites a blog written by The Media Trust CEO Chris Olson in which he claims that “blockers are not the complete solution some publishers might think they are.”

At Ad Lightning, we can agree with the premise that applying a blacklist to raw markup isn’t going to catch everything and that a multi-pronged approach is essential. Both scanning and blocking are vital, and sandboxing —a technique that loads a site’s ads in separate windows, or iframes, to ensure the ads can’t be redirected—can also be helpful.  Ad Lightning, of course, provides all three functions, setting a new standard for accountability and protection that our industry desperately needs.

The Media Trust post goes on to say that “at least 90% of malware used in malicious mobile redirects are obfuscated so they can elude blockers, and that percentage is growing as bad actors develop new obfuscation techniques.” That is categorically untrue —a high level of obfuscated code doesn’t mean blockers are going to fail. It’s true that malware contains high levels of obfuscated code, but Ad Lightning can trace the ad itself to a blockable signature, domain or ad ID.

In addition, according to The Media Trust’s analysis, third-party malware data sources “take an average of three to five days to identify and record malware and as a result, by the time a third-party filter is updated, at least 8,600 attacks could have occurred over a three-day period, 14,400 over five days.”  At Ad Lightning, we know three to five days may as well be a lifetime to a publisher when it comes to identifying malware. It typically takes us less than 24 hours to process a new outbreak of offenders and get them on blocklists, and we are fairly confident that, in time, we can we can get this process down to 10 minutes.  Three to five days would never be our standard.  As an example, a recent signature,, was determined to be malicious and actively blocked within 12 hours.  It was blocked over 2.2 million times in under two weeks.

Overall, Ad Lightning clients know how successful we are at finding and blocking bad ads, including sneaky malware, and we do it faster than anyone else with our market-leading ad intelligence platform.   Let us help you today!

Read More

Aug 23, 2018

Mid-Year Perspectives from the Experts: Bustle, Rubicon Project and Univision Speak to Scott Moore, CEO, Ad Lightning

At Ad Lightning, we consider ourselves lucky. We get to work with a wide variety of industry thought-leaders every day across a wide range of digital publishers and solution providers.  Many wrestle with common issues, but each has a unique perspective.

At the beginning of 2018, we surveyed over 100 Ad Ops leaders to get a sense of their outlook for the coming year.  There were many interesting learnings gleaned from that study, including the depressing revelation that 63% of publishers feel that ad quality issues haven‘t improved or have gotten even worse over the last 12 months, but that  75% believe publisher-side ad blockers like Ad Lightning will have the most positive impact on ad quality.

Recently, I followed up with a number of industry experts and asked if they’d share a few mid-year perspectives on the 2018 digital ad landscape —any surprises, challenges or major decisions they wanted to discuss. I’m happy to report that quality and transparency remain at the forefront of the conversation well into 2018. 

Our publisher partners continue to push for solutions that give them better control over their tech stack and audience.  The new Open RTB spec is a good example of how accountability and improved tracking through the ecosystem is still at the forefront of the conversation.

Many thanks to our friends at Bustle (Kai Hsing), Rubicon Project (John Clyman) and Univision (Tyla Mayo) for sharing some of their latest perspectives below.

What’s surprised you the most about the digital advertising/publishing landscape so far in 2018?

John Clyman, VP Engineering, Marketplace Quality & Security Rubicon Project:   “The extraordinarily rapid adoption of ads.txt has been a pleasant surprise. It's great to see that despite the vast number of players in the ad tech ecosystem, the industry can come together quickly and decisively to  help curtail bad behavior that causes so much harm.”

Scott Moore, CEO, Ad Lightning: John makes a great point. It’s always a positive thing when the industry can come together quickly to collaborate over the latest challenges to ad quality.

Kai Hsing, SVP Marketing & Operations, Bustle:  “The same old shenanigans are still at play (ad fraud, for example)”

Scott Moore: Kai’s point is spot on, unfortunately. As we continue to track the proliferation of mobile redirects and various methods of video fraud, the rate at which new fraudsters are entering the ecosystem surprises even us. Data from this past year continues to show huge spikes in fraud, particularly at the end of the week, month and fiscal quarters.  These bad actors are savvy enough to know when to flood the market with bad ads.

What’s your biggest ad quality challenge going forward this year?

John Clyman, Rubicon Project:  “Forced mobile redirects continue to be a major industry-wide problem. We see bad actors using increasingly sophisticated techniques to evade detection. And in a world where individual sites and apps are typically integrated with many different platforms, it's very hard for sellers to even identify which of their partners the bad demand is originating from, let alone stop it entirely. So, on top of the incredible consumer frustration with these bad ad-quality experiences, it's also an ongoing operational challenge that everyone struggles with.”

Scott Moore: In our conversations with our clients and other folks in the market, redirects are always part of the discussion. They are frequently cited as the client’s most significant pain point, and this seems to be true for just about everyone in the ecosystem. Publishers need to conquer that nagging problem, before they can focus on bigger ad quality issues that aren’t so apparent to the everyday user (like data leakage, page load delays etc.) 

When it comes to redirects, our goal at Ad Lightning is to stay ahead of the fraudsters. We’re continuously working to anticipate and detect the tactics bad actors use to inject unwanted behaviors into ads.

Tyla Mayo, Director of Revenue, Univision Communications, Inc.:  “We recently migrated our video ad serving from Freewheel to DFP.  But we quickly learned that DFP is not as competitive as Freewheel because of how they handle VAST/VPAID errors and rendition management.  DFP offers reporting on errors so we can pinpoint the creative that has issues but, as with all DFP features, the solution is a reaction not a preventative measure.  There are some other tools available to us to improve the quality, but all at the cost of our direct revenue which puts us in a position where we either have a bad brand experience or lose money.”

Scott Moore: Tyla’s frustration with video ad quality is understandable. It’s still a big challenge and the market continues to grow at a rapid pace. The infrastructure to deploy video, especially programmatically, is still very fragmented. There are few one-size-fits-all solutions for video —and that drives up costs.

She might be happy to know that Ad Lightning’s roadmap for Q3 and Q4 is heavily dedicated to innovative video quality tools.

Can you share a tech or policy decision that’s had a positive impact on your Ad Ops in 2018:

Tyla Mayo, Univision Communications, Inc.:  “We began a major initiative in Q4 of last year to redesign and optimize our site for mobile and viewable ad positions. As part of this effort we removed the header ad and placed the first display ad amongst compelling content, abandoning the concept of a must-have above the fold placement.  Our hypothesis was that ads at top of the page are immediately scrolled out of view and misses the point of being viewable.  We were right.  After making the change, the in-view score for our 320x50 has more than tripled since last year. It was a tough sell, but it’s clear we made the right decision."

Scott Moore:  Digital advertising never stops evolving. It’s incredibly rewarding to be able to help the industry move forward and stay ahead of new challenges and threats as they emerge.

John, Kai and Tyla, thank you for sharing your perspectives! 

Read More