ISPs Found to Insert Malicious Ads into Website Pages

Internet surfers expect ISPs to be clear and lucid, and non-interfering with the Web pages they deliver, but a recent research has shown something different. It has been found that some ISPs secretly add malicious advertising by replacing publisher content. This was revealed in a paper titled, "Detecting In-Flight Page Changes with Web Tripwires", by security researchers at the International Computer Science Institute and the University of Washington, as reported by Clickz on April 21, 2008.

Using software, researchers were able to determine if HTML was being changed during transmission of Web pages from the server of publishers to the monitor of viewers. While there is no guarantee about the integrity of Web pages, when they are sent over HTTP, in general, it is expected that they would remain unchanged during transit.

But, the authors of the report observed changes like client software inserting scripts to block pop-ups, ISPs placing advertisements on the Web pages, and malware causing malicious code. Researchers discovered that 16 of the 700 pages had modifications, with 2% having ads injected. They also found that many ISPs including Mesa Networks, RedMoon, XO Communications and MetroFi injected ads.

Researchers found that the pop-up blockers on the client-side accounted for 70% of the modified pages. Other changes included transmission problems resulting in incomplete or blank pages, privacy or security-related changes from the network, as well as reformatted or removed meta-tags. The results of the test were collected from about 50,000 different IP addresses. A strong inclination was observed towards people who had technical interest; Slashdot referred 9,507 people and Digg referred 21,333 people.

It is hardly shocking to know that pop-up blockers have a major role in modifying Web content. Internet security advocate, Ben Edelman, who is also Assistant Professor at Harvard Business School, noted that pop-up blockers strip code to generate new windows, as reported by Clickz on April 21, 2008.

However, according to Edelman, ISP interfering with content seems to take place on a much smaller scale than the spyware-launched unwanted ads following after that.

The researchers' finding that ISPs are meddling with content probably to earn money from advertisers confirms the suspicions raised in 2007.

Related article: ISPs Could Play Key Role in Beating Spam

» SPAMfighter News - 23-04-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial