Ecommerce traffic being hijacked by client side malware
According to new research 15 to 30 percent of eCommerce site visitors are infected with Client Side Injected Malware (CSIM) that causes them to view injected ads, malicious links and fraudulent spyware on otherwise legitimate sites.
These findings are from a study by online security company Namogoo which shows that CSIM has grown rapidly in the past two years and is able to operate completely undetected by site publishers because it lives locally on consumers' systems.
Consumers may unknowingly download CSIM via bundled apps or extensions and most commonly experience injected ads -- fake advertisements that look native to an authentic site, but actually lead consumers away from the website to make their final purchases elsewhere.
Namogoo has already identified over 25,000 ad injector signatures, with an average of 200 new signatures appearing daily. It says that injected ads made up an estimated $7 billion market in 2014, and the culprits behind the industry can range from lone developers in emerging markets to large public companies operating in the gray area of the law while siphoning off millions in eCommerce traffic and revenue from unsuspecting brands.
"We even see anti-virus companies using their software to secretly infect consumers with CSIM. It's a startling but unfortunate truth," says Namogoo co-founder and CEO Chemi Katz. "Because it's an easy way to make a buck, struggling anti-virus companies have given in to the dubious practice in order to stay alive, although we think it's quickly becoming evident in the eyes of the public".
In the past six months Namogoo has seen client-side attacks increase by 20 percent, a sign that the CSIM industry is becoming more aggressive. In some markets, including travel and luxury goods, it has found an especially concerted effort by malware developers as consumers are not only more likely to click on an injected ad, but ultimately make larger purchases.
The company has developed a new technology that allows eCommerce sites to combat CSIM by suppressing all active CSIM on a consumer's computer or browser when that consumer visits a Namogoo-protected site. Its servers scan millions of pages creating malware injection blocking rule sets in real-time and delivering them to the website via a single line of code, so site publishers can control the user experience, down to the individual computer.
A white paper looking in more detail at CSIM and at how Namogoo can combat it is available as a PDF from the company's website.