Tech content trusted by users in North America and around the world
7,246 Reviews & Articles | 52,553 News Posts

Cybercriminals attack Google Adsense to pump out malicious redirects

Google Adsense has fallen prey to a spate of malicious ads in the last month, and cybercriminals are to blame
By: Paul Alcorn | Internet & Websites News | Posted: Jan 16, 2015 4:37 pm

Over the past month a number of websites, including TweakTown, have experienced sporadic redirects to scam websites. It has been exceptionally difficult to track down the source of these redirects, and our team has been working tirelessly to isolate the source of the issue. The source of the issue appears to be malicious code injected into Google Adsense ads, which are used by websites around the world.




In December a number of webmasters took to Google's Adsense Forum to complain of the issue, which seems to have peaked around January 9th. A total of 180 complaints were made on that day alone. Web security company Sucuri explains that cybercriminals possibly exploited two Adsense campaigns with Javascript code that loaded the malicious code. This redirect unfolds whether the user clicks the ad or not. Sucuri was able to track down the source, and notes:


The malicious redirect worked even in the Ad Review Center of the Google AdSense dashboard on site where webmasters may view ads that Google displays on their sites. This problem existed for about a month since the second half of December 2014, but became really widespread last Friday (Jan 9th 2015). By the end of the weekend, Google seemed to have been able to mitigate it.


While there may be notably reduced frequency to the malicious ads, they are still circulating. We have noticed these redirects are still present on other websites as well during the last few days. Google Adsense works by targeting specific ads to a specific viewers. This type of maddening attack, referred to as Malvertising, is hard to track because different users view different ads. The redirects are landing users on pages that appear legitimate, such as a fake Forbes website, but are all contained in different subdirectoriess of,, and


Frankly, its surprising that Google was able to be exploited on such a large scale. Perhaps the policy of allowing code in their ads that can be easily modified for nefarious purposes should be reviewed.


Related Tags

Got an opinion on this news? Post a comment below!