This article was authored by Niles Rowland, Vice President of Product Management at The Media Trust.

Mobile redirects plagued one of the top news publishers in the US with subscribers from around the world, causing extensive customer complaints. Despite assurances from an alternative solution that promised to cover all attack vectors and protect every source of demand, visitors continued to face fraudulent gift card offers, prompts to download apps, and other unwanted ads. They turned to The Media Trust for help. 

Two malware blockers face off

The publisher decided to pit the existing blocker solution, which ran on the client’s site, against The Media Trust’s more comprehensive solution. One of the industry’s most heavily trafficked sites, the news publication was under relentless attack. The bake-off period was no exception; in fact, the large-scale mobile redirect campaign was just one of many persistent malware attacks. The Media Trust Digital Security & Operations (DSO) team not only detected the threat but also isolated and traced the incident to a specific creative ID running on a DSP that came through a well-known SSP. Next, DSO notified the SSP so they could shut down the creative at the source. Only then did the attack stop. Meanwhile, the competitor’s blocker failed to detect this large-scale redirect attack, let alone stop them. 

Human analysis + Blocking = Comprehensive Solution

The killer aspect of the The Media Trust’s solution was the team of digital threat experts who conduct continuous evaluation of code and can spot attacks in all their variations and all manners of obfuscation. Blockers are only as good as the data they are fed and the line of code they run. With most blockers ingesting new feeds every several days and only blocking according to what the feed tells them, this situation presents a major gap in protecting consumers. The Media Trust sees a new attack at least every 30 seconds. That means, each day that a blocker’s feed isn’t updated, about 2,880 new attacks pass through the blocker. Most of those attacks will be obfuscated to avoid detection. Some will lie dormant until a user’s device satisfies certain conditions. And some will persist through reboots. Blockers are simply no match to adversaries’ continuous innovation.

The set-it-and-forget-it nature of blockers is a very attractive selling point to publishers. But the convenience is illusory, not to mention downright risky. Malware developers have very short product lifecycles, and their wares will often be one step ahead of blockers. Beating them in their game demands a more comprehensive solution, like The Media Trust’s which utilizes human analysts as well as continuous code detection. 

In the end, The Media Trust’s comprehensive solution won the bake off and the large news publisher became another satisfied client.