Ad-injecting software made headlines in February with news of Superfish adware being pre-loaded on Lenovo PCs
. But Superfish is not the only game in town.
Google teamed up with the University of California, Berkley and Santa Barbara for a new report
that tracked incidents of this sometimes malicious software across the search giant's network.
Researchers followed computers visiting Google sites from June to October 2014. In those five months, "we found 5.5 percent of unique IPs—millions of users—accessing Google sites...included some form of injected ads," Google spam and abuse researcher Kurt Thomas wrote in a a blog post
Specifically, they detected 5,339,913 different IP addresses infected with adware. About 3.9 percent were courtesy of Superfish, followed by Jollywallet at 2.4 percent (though this was before the Superfish/Lenovo deal was revealed).
These companies, according to Thomas, manage advertising relationships with a handful of ad networks and shopping programs. Superfish, for example, will choose which ads to show, and when a visitor clicks on one, or even buys the product, Superfish makes a profit—only a fraction of which it shares with affiliates.
"Ad injectors' businesses are built on a tangled web of different players in the online advertising economy," Thomas wrote. "This complexity has made it difficult for the industry to understand this issue and help fix it."