500 publishers were hacked through anti-ad block tool PageFair

Anti-blocking firm PageFair, which works with some 3,000 publishers, was hacked over the weekend, leaving visitors to 501 publishers sites vulnerable to malware attacks.

Anyone visiting one of these sites from a Windows computer on Saturday evening (between 11:52 p.m. and 1:15 a.m. GMT) would have been vulnerable, though only if they clicked on what looked like an Adobe Flash update. If they did, they would have downloaded malware directly to their computer.

In a blog post called “The Core Facts,” which went up first thing Sunday, CEO Sean Blanchfield explained the company noticed the breach almost immediately, though it took more that 80 minutes to shut it down“If you are a publisher using our free analytics service, you have good reason to be very angry and disappointed with us right now,” he wrote.

It’s an ironic twist, given that PageFair’s services help publishers combat ad blocking and ensure they get paid for their content. PageFair valued the cost of lost online ad revenue for 2015 at just under £14 billion ($22 billion) globally in a report released in August.

PageFair can’t release a list of which publishers were affected, though a spokesperson said most of them were fairly small. Just under two-thirds (60 percent) of them had fewer than one million monthly pageviews and 90 percent of them had fewer than 10 million monthly pageviews.

However, the company has stressed all publishers are important to it, regardless of size, and is currently working to estimate the degree to which visitors to all the websites targeted would have been affected by the attack.

Some media experts have said the attack was bound to happen. The kind of service the company offers makes them an appealing target to those who see it as their right to block ads and not be tracked online.

Most have been impressed by how candid PageFair has been in its response. DigitasLBi head of innovation Andy Girdwood was among them, though he added that the attack itself comes as no surprise, and predicted more hacking attempts on ad tech vendors before the end of the year.

However, he added: “I can’t imagine a near future in which hacking is so common and so successful that it begins to interfere with the media economy, effecting bid prices and placement. Ad blocking and fraud both have more chance of doing that.”

European ad blocking rates are the highest in Germany, with 30 million users using ad blocking software, according to PageFair. German digital media publisher Axel Springer has banned readers who have installed ad blockers from accessing its popular tabloid website Bild.de.

It even went so far as to try to quash conversations held in an online forum in which methods for circumventing the ad-blocker wall were had. It was successful in having the posts removed, though some media experts have likened any publisher attempts to root out the gaming of ad-blocking systems to a massive game of “Whack-A-Mole.”

https://digiday.com/?p=144330

More in Media

Digiday+ Research deep dive: Are publishers shifting their social video efforts to focus on TikTok over YouTube?

Publishers’ use of YouTube remains strong, but TikTok’s place in publishers’ video-focused social media strategies is growing stronger.

AI Briefing: Why Walmart is developing its own retail-specific AI models

Walmart debuted its own set of retail-specific AI models to help power the company’s “Adaptive Retail” era of personalized shopping and customer service.

Media Briefing: Publishers confront the AI era during the Digiday Publishing Summit

This week’s Media Briefing recaps what publishers had to say about AI platforms during the Digiday Publishing Summit’s closed-door town hall sessions.