Google's fight against Ad Injectors continues

Martin Brinkmann
May 7, 2015
Updated • May 7, 2015

So-called ad injectors are programs that insert ads into pages visited in web browsers. This is harmful in many ways not only to users who are often bombarded with ads, popups and other unwanted annoyances but also webmasters and businesses who finance their sites through advertisement and advertising networks.

Google notes in a new blog post on the official Chrome blog that ad injectors are the number one complaint of Chrome users in 2015.

The company build a custom ad injector detector for Google sites and ran it on its own sites for several months in 2014. The result was that 5.5% of all unique IP addresses accessing Google sites were affected by the issue which according to Google translates to millions of users being affected by ad injectors.

During the course of the study, Google discovered more than 50,000 browser extensions and more than 32,000 software programs that would hijack the browser and inject ads on visited web pages.

According to Google, more than 30% of these were "outright malicious" and would not only inject ads but also steal account credentials, hijack search queries or track users across the web.

amazon ad injector image

These extensions and programs are distributed via affiliate systems that uses various promotional methods including software bundles, advertising campaigns or malicious attacks. Affiliates earn money from user clicks on injected ads or purchases.

The ads that get injected into web pages are sourced by businesses such as Superfish or Jollywallet which bring legitimate businesses such as Walmart, Target or eBay in to the ecosystem.

Most of these businesses appear unaware of this according to Google. The company reached out to these advertisers to inform them that their campaigns are affected by ad injections.

Google removed 192 deceptive extensions from the Chrome Web Store that affected 14 million Chrome users with ad injections when using the browser.

It did improve the protection against unwanted software websites and distributions in Chrome in February and changed Adwords policies recently as well in regards to third-party download offers.

Ad injectors are bad for Google's core business. Not only is the company losing revenue when its own ads are replaced on Google properties or third-party sites using Adsense, it is also painting web advertisement in a bad light and driving users towards ad-blockers.

For webmasters and site owners, things are even dire. A user visiting an ad-filled page on Amazon may think twice about visiting the site again. In addition to that, sites lose out on advertising revenue or online sales because of these advertisements which in turn may make it difficult for them to stay in business.

Users affected by ad injectors, pop-ups or malware are asked to visit the following Google Support page which offers removal assistance.

Google's fight against Ad Injectors continues
Article Name
Google's fight against Ad Injectors continues
Google's fight against ad-injecting browser extensions and programs, and networks distributing those continues.

Tutorials & Tips

Previous Post: «
Next Post: «


  1. TSJNachos said on May 10, 2015 at 8:44 am

    IMHO, the “legitimate” advertisers aren’t much better as far as respecting the user. All too often, advertisements cover the entire webpage, slow the browser down with a ridiculous quantity of CPU-demanding videos, and track the users everywhere they go. The latter especially makes me upset, since they make their opt-outs hard to find, and ignore the users’ DoNotTrack requests, which should serve as a universal opt-in/out. Plus, I’m not entirely sure these opt-outs do anything other than make the advertisers look less malicious (giving the user a false sense of security in the process). Facebook is notorious for it’s tracking. If I did the same thing to my friends or family members, it would be considered cyber-stalking. Why should it be any different for advertisers?

  2. Division said on May 10, 2015 at 4:07 am

    I concur. The company that tracks people across the internet by infecting their browers with permanent cookies, among other things is complaining that someone is beating them at their own game.


  3. Thrawn said on May 8, 2015 at 4:00 am

    :D It’s kind of funny to hear about Google complaining of people putting ads everywhere and competing with it.

    But yes, a lot of them would be basically malware. I wonder how many of them spread through malvertising?

    1. Blue said on May 9, 2015 at 11:04 pm

      There is a difference in the types of ads. This article is about the malicious injector types that come bundled unsuspectingly with various programs, websites and extensions without our knowledge. The type that appear in the oddest places or do the oddest things. I installed what looked to be a simple bookmark extension to open all bookmarks in a new tab using the old system Chrome has now reverted too.

      This seemingly innocent extension was quiet for days when suddenly, several tabs opened up on their own, each to a different Chrome extension prompting us to install more extensions by the software developer. Even though I have Chrome set to not give new tabs focus, each page that opened up, took focus over the other until I closed them all down.

      Other malicious ad injectors put the oddest ads in the oddest places like my company’s inter-office web portal, or my online bank accounts. Malicious ads can even appear on top of regular ads not replacing them, but blanket a very large portion of the page with an invisible barrier so even if we don’t want to click on them, they get clicked anyways.

      Those are the types Google is trying to get rid of, but their database is user generated. If you don’t bother reporting a bad extension they won’t know about it.

  4. Uhtred said on May 7, 2015 at 11:29 pm

    well there’s a coincidence! only today I had a look at a friends windows pc relying on MS Security Essentials…, His Firefox, Chrome and Explorer all were infected by ‘ads’ and search redirects …”safe finder” seemed to be the main culprit. only safari looked to be okay. I ran a free malwarebytes to discover over 1000 threats! (pups) and whilst malwarebytes did its thing the safe finder seemed to be still active. I’m hoping that google page will have the answer

    1. Blue said on May 10, 2015 at 12:08 am

      As with most, “Free” versions of programs, they do a general decent job at cleaning up junk, but embedded or core menaces can only be cleaned out using their Pro (paid) versions, or simply try another, “Free”, program that may offer protection that the first one can’t remove.

      I use Malwarebytes Pro and can’t relate to what their free version does and does not do compared to the paid version. Since upgrading to their Pro version, I havn’t had to hunt around with several scanners each to detect/remove a particular threat. I have tried AdwCleaner (AWC) and though it does do somethings Malwarebyte Anti-Malware (MBAM) can’t do, it doesn’t do the same job MBAM can when compared head to head.

      On an infected computer MBAM free found over 1000 PUP’s, while AWC only found 800. After running AWC I ran MBAM as well to fully clean what one missed the other found. So for free program users they can’t comment on how effective one program is to another if all they are using to compare is that program’s free version.

      Since using MBAM Pro, I have not needed to worry about anything and I’m glad I have it. So far any freeware or Shareware program I test that install with extra’s MBAM has intercepted and quarantined the offending software.

      CCleaner is another such program and their free version does pretty much what MBAM Pro does only it’s a bit more destructive if you don’t know what to toggle on/off. I found after using CCleaner and playing around with some settings stuff like my iD3 tags were removed from all my media forcing me to rebuild my library. At that point is when I bothered installing MBAM Pro and I have not had anything to worry about since then.

      1. fokka said on May 10, 2015 at 8:29 pm

        this really sounds like a plug for MBAM pro.

        but in case you didn’t pull those numbers out of your a**, how many threats did MBAM pro find in comparison to the 800 od ADWcleaner and the 1000 of MABAM free?

      2. SCBright said on May 10, 2015 at 12:42 am

        Sorry but CCleaner has nothing to do with MBAM…
        CCleaner is a software used to clean the dirt left behind on your system (eg temporary files) and clean your registry of unnecessary information remains. On its turn, MBAM is an antimalware.

        I really don’t understood your comparison.

    2. TekWarfare said on May 8, 2015 at 12:41 am

      Also try AdwCleaner from bleepingcomputer.

      1. Uhtred said on May 9, 2015 at 8:47 pm

        AdwCleaner was easy to use and sorted it, thanks again :)

      2. Uhtred said on May 8, 2015 at 10:07 am

        at 27,233,483 downloads so far and 358,000 this week makes it look like a popular choice, thank you very much for the suggestion :)

  5. mrx said on May 7, 2015 at 5:43 pm

    Exactly the type of ads displayed above in the image are I hate and that’s really why I use ad block and I am in favor of ads that are non obtrusive and informative to the topic.

    PS: Matrin, don’t worry I know your site is legit and it’s unblocked in my ad block plus!

  6. Eric said on May 7, 2015 at 5:27 pm

    Need to be careful when installing things on your computer…

    1. Blue said on May 9, 2015 at 11:12 pm

      Yes that is true, but ad injectors are often the malicious variety so we don’t know we are installing them. They also can be installed by simply visiting a page or come bundled with extensions or software you once relied on but now are encrusted with injectors because it is another source of income for them.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.