Equifax, Malware, and the Untrustworthy Supply Chain

As if Equifax hadn’t lost enough trust from the first hack, last week it had to disclose that it suffered a second breach, which most reporters called a second hack. But apparently last week’s incident wasn’t a second hack at all, but a different problem. Ars Technica wrote:

A key part of Equifax’s website has been redirecting users to malware for an unknown period of time, a security researcher discovered this week. A video posted by independent security analyst Randy Abrams showed an Equifax webpage redirecting to a fake Adobe Flash download prompt that installs adware. The infected Equifax page, which the company took offline after discovering the problem, is used to access and update one’s credit report, meaning that many people have likely visited it in the weeks since Equifax disclosed a data breach affecting more than 145 million Americans.

But the new incident was not a second hack – Equifax told MC that the malicious redirect came from a vendor’s faulty code. “The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running on an Equifax website was serving malicious content,” a spokeswoman said. “Since we learned of the issue, the vendor’s code was removed from the webpage and we have taken the webpage offline to conduct further analysis.” Equifax appears to use a disreputable third-party ad provider, Iron Source, which is known for facilitating “malvertising,” the process of implanting malware on victims’ machines through the ads they visit.

So a third-party vendor did it? Iron Source, which has a reputation for allowing malvertising? Not according to a person from Malwarebytes, a service used to detect malware. This person said it’s incorrect to call this a hack or attribute it to ads. In fact, the third-party script was a web analytics component, and not ad code. But the third-party script itself was leveraged to load a domain serving as an “ad rotator.”

Apparently, that is an issue with third-party scripts, and any site that was using that particular one was at risk. The ad rotator delivered very low quality redirects, suggesting that these were not even targeted ads.

While malvertising remains quite common, compromised analytics tags are less so. What could the takeaways be from this incident?

Our biggest takeaway is that you have to know every single step in your supply chain, and every partner must be certified and trusted. There are far too many unknown intermediaries in digital transactions for us to feel comfortable about our visitors’ data, and we have to limit the number of those for safety’s sake.

That’s why we have a private platform where this cannot happen. We have weeded out low quality sites, we have only quality inventory, only high quality partners, and no one else enters the supply chain once we set up a buy. This must be the way the entire industry operates in the future. If we don’t let the bad apples in, they can’t corrupt our supply chain or compromise the data of any of our partners.

 

If You Care About Security, Come to ZEDO

We have taken security very seriously lately on the ZEDO ad server. In fact, we have three major concerns for our customers and partners:

  1. Resisting all the fraud, malware, and piracy problems that have plagued the industry since it began, and offering our customers a clean supply chain.
  2. Making sure our technologies load quickly and do not slow page load times for publisher partners.
  3. Ascertaining the brand safety of the sites where our ZINC ads appear.

Every month we roll out technical updates that contribute to these goals.

This month: for page load times, we are migrating to Gecko ad tags, to allow our publishers to run two of our innovative formats simultaneously. Gecko is an ad serving tag that is designed to have seamless capability to serve different formats and innovations. It can be configured to serve one or more ad formats per page view, such as a standard 300×250, a 728×90 InView panorama and an InArticle video for one tag call.

For brand safety, we have partnered with AmplifyReach. We have started the process of categorizing page URLs of various sites from our inventory pool into first-level IAB categories. We also store a brand safety score for each URL as identified by AmplifyReach. We are learning every day how to make our inventory safer for advertisers.

We have added the capability to monetize secure sites. We saw that the number of publishers from our inventory pool going secure had increased lately, and if we get a request from a secure site, we send a secure flag in the BID request to all the DSPs. Because non-secure scripts cannot run on secure sites (the browser returns an error), this flag is important. With this flag passed, DSPs know that they have to send down secure ad code if they bid and win.
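The secure-flag handshake described above can also be checked on the sell side before a winning creative is served. The following is an added example, not ZEDO's code: it assumes OpenRTB-style field names (`imp[].secure` in the request, `bid.adm` for the returned markup), and the function names, hosts and sample bids are constructed for illustration.

```javascript
// Added illustration, not ZEDO code. Assumes OpenRTB-style field names:
// imp[].secure (1 = page is HTTPS) in the request, bid.adm (ad markup) in the
// response. Hosts and markup below are constructed sample data.

// Tags whose URL attributes make the browser fetch a subresource. <a> is left
// out on purpose: an http:// click-through link is not mixed content.
const LOADING_TAG =
  /<(?:script|img|iframe|link|video|audio|source|embed|object)\b[^>]*>/gi;
const URL_ATTR = /\b(?:src|href|data|poster)\s*=\s*(["'])(.*?)\1/gi;
const CSS_URL = /url\(\s*["']?([^"')\s]+)/gi; // url(...) in inline styles

// Heuristic scan (regex, not a full HTML parser): list every http:// or ws://
// URL the markup would load. Protocol-relative //host/x URLs inherit HTTPS.
function insecureResources(adm) {
  const urls = [];
  for (const tag of adm.match(LOADING_TAG) || []) {
    for (const m of tag.matchAll(URL_ATTR)) urls.push(m[2].trim());
  }
  for (const m of adm.matchAll(CSS_URL)) urls.push(m[1]);
  return urls.filter((u) => /^(?:http|ws):\/\//i.test(u));
}

// For each bid, reject it if it answers a secure impression with markup that
// would be blocked or flagged as mixed content by the browser.
function screenBids(bidRequest, bids) {
  const secureImps = new Set(
    bidRequest.imp.filter((i) => i.secure === 1).map((i) => i.id)
  );
  return bids.map((bid) => {
    const blocked = secureImps.has(bid.impid) ? insecureResources(bid.adm) : [];
    return { id: bid.id, accept: blocked.length === 0, blocked };
  });
}

const sampleRequest = {
  id: "req-1",
  imp: [{ id: "1", secure: 1 }, { id: "2", secure: 0 }],
};
const sampleBids = [
  { id: "a", impid: "1", adm: '<script src="https://cdn.dsp.example/ad.js"></script><a href="http://brand.example/">Shop</a>' },
  { id: "b", impid: "1", adm: '<img src="http://px.dsp.example/i.gif"><div style="background:url(http://cdn.dsp.example/bg.png)"></div>' },
  { id: "c", impid: "2", adm: '<script src="http://cdn.dsp.example/ad.js"></script>' },
];
console.log(screenBids(sampleRequest, sampleBids));
```

Bid "b" is rejected because both its pixel and its CSS background are plain HTTP on a secure impression; bid "c" carries the same kind of markup but answers a non-secure impression, so it passes.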

We continue fighting the good fight to protect advertisers while increasing revenue for publishers. This has become a very complex endeavor, but advertisers are cutting the number of sites they will appear on and publishers have begun enforcing greater security as well. Vendors who cannot bring adequate security and brand safety to the table will be cut from both premium inventory and ads from quality brands.

For years we have been predicting that things in the digital advertising industry will improve so everybody gets better results, and we think this year it is finally happening. This will be good for everybody. The premium publishers will make more money, and the advertisers will get better results.


ZEDO Advertising Technology Updates – May 2015

Site Performance Report Added to Access Control
The Site Performance report has been added to Access Control for all role types.
You can enable/disable it from the following location:
Create Role>> Report Permissions>> Performance>> Site Report

Alert on Profit Report Page to indicate incomplete scraping data
For Ad Network customers we scrape revenue per campaign and apply it while generating Profit reports. When scraper data is unavailable we use the default rate set for the campaign, which is later updated when the scraper data is available.

The message: “Revenue displayed in red is incomplete as data collection is in progress. Check again later or contact your account manager.” will appear when the scraper data is unavailable and the revenue is being calculated using default campaign rate.

The message alerts users about the incomplete revenue data while they do their analysis.

Iframe Buster for Roadblock ads and IAB Sidekick
This feature allows you to run Rich Media Ads created via the Roadblock template, using an Iframe tag and hosting the Iframe buster file. We have also added Iframe Buster support for IAB Sidekick ad format from the Custom Rich Media ads option.

ZEDO Advertising Technology Updates – April 2015

URL Pattern Targeting

Knowing where their ads run is critical for marketers. Recently we have seen players like Appnexus being very strict about what URL they send to buyers. Also, sometimes a campaign calls for a specific whitelist or a blacklist.

ZINC Adsales told us that they wanted to serve some ads only on certain domains and URLs, but the ZINC operations team was helpless as groups of publishers were using a single tag.

One of our Network customers wanted to block a few domains for his advertisers and at the same time reduce operations work by using a single tag.

We have a solution for all the above problems! URL Pattern Targeting. Live now.

Read: http://kb.zedo.com/url-pattern-targeting/

Activity cookie on secure channel

Until now we only supported activity logging on non-secure channels. The secure protocol is getting popular as many websites are going secure.

Customers using secure channels will now be able to use behavioural targeting using the activity cookie.

Emails from white labeled domain

Users of the white labeled systems will now receive emails from the white labeled domains.

UI changes

  • Video file limit increased to 20MB for VAST
  • Title for companion ads in the UI

Fixed second price calculation in PMP

We are now using the method used by the industry to calculate the second price auction when PMP deals are part of the bidding response.

ZEDO Advertising Technology Updates – December 2014

Support for VAST 3.0

Features included:

  1. Skip event
  2. Progress event

Note: ZEDO Players are not VAST 3.0 compatible yet

Please refer to the knowledgebase for more details.

 
Passbacks for VAST Tags

ZEDO’s Passback feature can be used with VAST Compatible ad formats. There are times when Advertisers do not want Impressions from every user, so they just return empty responses. But you can use ZEDO’s Passback Tag feature to monetize Impressions that are not filled by your advertiser.

Please refer to the knowledgebase for more details.

ZEDO Advertising Technology Updates – November 2014

Reach Report by Channel/Country

In addition to the existing Campaign and Creative Reach Reports, customers can now pull a Reach Report for a particular Country and Channel. The Country and Channel reach report is available along with all the existing parameters and can be pulled by month, week or day.

These reports will help you analyze how effective your reach is for a specific Country and Channel.


Coming Soon:

Upgrade to VAST 3.0

We will upgrade our VAST 2.0 compliant ad server to VAST 3.0, which will include the following features:

  • Skippable ads
  • Skip event tracking and
  • Progress event tracking

ZEDO Advertising Technology Updates – August 2014

Custom Rich Media Ads on Roadblock template:

We have now added support for Custom Rich Media Ads under the Roadblock Create ad template which will allow users to create Roadblock ads using multiple Rich Media Ads.

Below is the screenshot of the template:


 

Other Enhancements:

  • Non-editable start date for All Campaign
    The start date of a campaign will be disabled after any ad in the campaign serves its first Impressions/Clicks/Actions or other event metrics.
  • Fix for AS3 click tag detection
    All Issues related to AS3 click tag detection in the create ad form are now resolved.

ZEDO Advertising Technology Updates – September 2013

Custom Targeting

Custom targeting will allow users to create and target ads to key-value pairs, as well as apply logical operators. You will be able to target based on user agents as well as a combination of demographics, for example: targeting users from Mumbai and San Francisco who are working in the IT industry, between the ages of 25 and 30.

Screenshot:

Browser data in Report Builder

You can now include user browser data (when using browser targeting) in your custom reports. In combination with other targeting filters, this adds an additional perspective to granular data analysis.

 

Screenshot:

Improved Activity Targeting

We have updated our behavioral cookie setting so you can now allow an Ad to set up to 5 activities on click.

ZEDO Advertising Technology Updates – June 2013

OS targeting:
Users can now target ads to specific operating systems when trafficking ads. A new OS tab is available in the Targeting section of Create Ad. A creative targeted to a specific OS will serve only on that system; if a creative is not targeted to any specific OS then it will serve on all OSes. All major desktop and mobile OSes are supported.

OS targeting on create ad page:

IAB Rising Star – Slider:
We started off by supporting IAB’s Billboard ad format, which was used by many of our customers. Now, we have released support for IAB Rising Star: Slider.

Ad experience:

  • The Ad loads anchored to the bottom of the page.
  • On user click or mouse-over, the publisher page slides to the left, revealing the Slider Content on the right.

Ad Title Improvements:
We’ve improved our Ad Title feature (which helps you strengthen your brand by including your logo or company name on ads). Now you can upload multiple Ad Titles for your account, and can select the appropriate one when trafficking an ad.

 

Ad Title Setup in Account preferences:

 

Applying Ad Title when trafficking:

ZEDO Advertising Technology Updates – May 2013

Infinite End Date for a Campaign:

Usually remnant and house ad campaigns are long running, with only the creatives changing. Most users want such campaigns to never end.

With this feature we will allow users to set the end date of the campaign to infinite. This will enable users to serve house ads and filler ads forever without worrying about serving blank ads due to campaign expiry.

The screenshot below displays a button next to the campaign end date which can be toggled to enable/disable the end date to make the campaign infinite.

Other upgrades:

  • Improvements to the "exclude a channel from channel set" / "remove from channel list" functionality in create ad channel targeting.

  • Important database upgrade to support double-byte characters.

  • Quick links to jump to ad tag generator page from campaign manager page as shown below