Security firm reveals unauthorized advertisement injections on YouTube

The security firm Spider.io revealed that a California-based company called Sambreel was using its software to inject advertisements on YouTube, according to a report on the company's website. Sambreel's subsidiary Yontoo was responsible for two programs designed to make downloading videos off of YouTube simple, both of which have been pulled after Spider.io revealed its findings.

Sambreel is no stranger to backlash from security firms and companies, having received the banhammer from Google and Facebook a handful of years ago following revelations that it injected ads onto the two websites. The company turned its attention to YouTube, however, with two different browser plug-ins that work to inject unauthorized advertisements on the video website.

These two plug-ins are Easy YouTube Video Downloader and Best Video Downloader, both of which were removed after Spider.io made it known that they were used to facilitate ad injections. Said the security firm, both plugins result in "multiple display ad slots [being] injected across the YouTube homepage, channel pages, video pages and search results pages."

The advertisements weren't placed in too obvious of a fashion, perhaps allowing it to slip under the radar for most users, especially considering that many of the advertisements it displayed were for valid companies: Toyota, Ford, BlackBerry, Amazon, Sprint, Walgreens, Domino's Pizza, and more. Others were for malicious advertisers out to wreck additional havoc on unsuspecting users.

Many users were affected by the malware plugins, with Spider.io reporting a minimum of 3.5 million instances of the plugins being installed. Video advertisers are being warned to exercise caution, and obviously users who have installed the video downloading plugins should remove them henceforth. Beyond that, there's a larger moral to the story: one should think twice before downloading Sambreel software.

VIA: BBC

SOURCE: Spider.io