Ad blockers may seem like an unlikely defense in the fight against spyware, but new reports shed new light on how spyware makers are weaponizing online ads to enable governments to conduct surveillance.
Spyware makers are reportedly able to stealthily locate and infect specific targets with spyware using advertisements.
One of the startups that worked on an ad-based spyware infection system is Intellexa, a European company that develops the Predator spyware. Predator can access the entire contents of a target’s phone in real time.
According Documents seen by Israeli media outlet Haaretz., Intellexa introduced a proof-of-concept system in 2022 called Aladdin that allowed the installation of phone spyware through online ads. The documents included a demonstration of the Aladdin system with technical explanations of how the spyware infects its targets and examples of malicious advertisements: “apparently targeting graphic designers and activists with job offers, through which the spyware will be introduced into their devices,” Haaretz reported.
It is unclear whether Aladdin was fully developed or sold to government customers.
Another private Israeli company called Insanet managed to develop an infection system based on advertising capable of locating an individual within an advertising network, Haaretz revealed last year.
Online ads help website owners, including this one, generate income. But online advertising exchanges can be abused to send malicious code to a target’s device.
Malware distribution via malicious ads, often called malvertising, works by injecting malicious code into ads displayed on websites in computer and phone browsers. Many of these attacks rely on some interaction with the victim, such as tapping on a link or opening a malicious file.
But the global ubiquity of online advertising greatly increases the scope for government clients to target people (including their critics) with stealthy spyware.
While no phone or computer can be completely unhackable, ad blockers can be effective in stopping malvertising and ad-based malware before it reaches the browser.
Ad blockers, as the name suggests, prevent ads from being displayed in web browsers. Ad blockers don’t just hide ads, they block the underlying website from loading them to begin with. This is also good for privacy, as it means that ad exchanges can’t use tracking codes to see what sites users visit while they’re browsing the web. Ad blocking software is also available for phones.
Security experts have long recommended using an ad blocker to prevent malvertising attacks. In 2022, the FBI said in a public service announcement Use an ad blocker as an online security measure.
“Everyone should block ads” tweeted John Scott-Railton, a senior researcher at Citizen Lab who has investigated government spyware, in response to the Haaretz report. “It’s a security issue.”