From: Henry Baker <hbaker1 <at> pipeline.com>
Subject: Google AdSense vuln de-obfuscates ad links for click fraud
Newsgroups: gmane.comp.encryption.general
Date: Tuesday 29th September 2015 00:06:55 UTC
FYI -- More evidence that better advertising crypto protocols are needed to
protect all parties: web site, advertiser, website visitor.

https://thestack.com/security/2015/09/28/google-adsense-click-fraud-iframe-blazquez/

Google AdSense click fraud made possible by uncloaking advertisers’ sites

According to new research, source code manipulation can be used to penetrate
the security of Google’s AdSense system, by automatically obtaining the
JavaScript code which protects advertisers from click fraud.

The paper A vulnerability in Google AdSense: Automatic extraction of links
to ads [PDF] by Prof. Manuel Blázquez of the Complutense University of
Madrid, outlines a procedure whereby the attacker can de-obfuscate the
‘cloaked’ advertiser target links automatically and perform automated
clicks of the ads, either to the benefit of the site hosting the ads – if
the intention is to generate simulated commercial traffic, or to the
detriment of competitor sites, if the intention is to compromise their
standing with Google’s AdSense system by creating a blizzard of patently
bogus ad-clicks.

http://arxiv.org/pdf/1509.07741v1

A vulnerability in Google AdSense: Automatic extraction of links to ads

On the basis of the XSS (Cross Site Scripting) and Web
Crawler techniques it is possible to go through the
barriers of the Google Adsense advertising system by
obtaining the validated links of the ads published on a
website.  Such a method involves obtaining the source
code built for the Google java applet for publishing and
handling ads and for the final link retrieval.  Once the
links of the ads have been obtained, you can use the user
sessions visiting other websites to load such links, in the
background, by a simple re-direction, through a hidden
iframe, so that the IP addresses clicking are different in
each case.

_______________________________________________
The cryptography mailing list
[email protected]
http://www.metzdowd.com/mailman/listinfo/cryptography
 