![](data:image/svg+xml;charset=utf-8,<svg height="544" width="1024" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
Image credits: Bryce Durbin/TechCrunch
Ad blockers may seem like an unlikely defense in the fight against spyware, but a new report reveals how spyware makers are weaponizing online advertising to enable government surveillance. sheds new light on what is happening.
Spyware makers can reportedly use banner ads to identify specific targets and secretly infect them with spyware.
One of the startups working on ad-based spyware infection systems is Intellexa, a European company that develops Predator spyware. Predators have real-time access to the entire contents of the target's mobile phone.
In 2022, Intellexa unveiled a proof-of-concept system called Aladdin that enables the planting of phone spyware through online advertisements, according to documents obtained by Israeli news outlet Haaretz. The document included a demonstration of the Aladdin system, a technical explanation of how spyware infects its targets, and an example of malicious advertising. This involved “targeting graphic designers and activists with job offers, through which spyware was introduced onto their devices.” report.
It is unclear whether Aladdin was fully developed or sold to government customers.
Another Israeli private company called Insanet has successfully developed an ad-based infection system that can identify individuals within ad networks, Haaretz revealed last year.
Online advertising helps website owners, including this website, generate revenue. However, online ad exchanges can be exploited to push malicious code to targeted devices.
The delivery of malware through malicious ads, often referred to as malvertising, works by injecting malicious code into ads that appear on websites on your computer or mobile phone's browser. Many of these attacks rely on some kind of interaction with the victim, such as tapping a link or opening a malicious file.
However, the global proliferation of online advertising has significantly expanded the scope for government customers to target individuals (including critics) with stealth spyware.
While your phone or computer isn't completely unhackable, ad blockers are effective at stopping malvertising and ad-based malware before they reach your browser.
Ad blockers, as the name suggests, prevent advertisements from being displayed in your web browser. Ad blockers don't just hide ads, they block the underlying website from loading them in the first place. This also helps protect your privacy, as it means Ad Exchange cannot use tracking codes to see what sites you visit when you browse the web. Ad blocking software is also available on mobile phones.
Security experts have long recommended the use of ad blockers to prevent malvertising attacks. The FBI will use ad blockers as an online safety measure in 2022, the FBI said in a public service announcement.
“Everyone should block ads” tweeted John Scott Railton, a senior researcher at Citizen Lab who has researched government spyware, responded to the Haaretz report: “It's a safety issue.”
