Firm found using browser plugins to inject unauthorized ads on YouTube
Posted on 16 August 2013.
Sambreel, a California-based firm that nearly two years ago has been found using browser plugins to deliver ads by injecting them into Facebook and Google pages, is up to its old tricks.

At the time, the two plugins were named PageRage and BuzzDock, today it's Easy YouTube Video Downloader and Best Video Downloader which, according to the researchers from UK-based, are part of a software browser tool suite provided by two subsidiaries of Sambreel.

"When a user who has installed these plugins visits multiple display ad slots are injected across the YouTube homepage, channel pages, video pages and search results pages," the researchers noted. "These display ad slots are being bought today by premium advertisers like Amazon Local, American Airlines, AT&T, BlackBerry, Cadillac, Dominoís, Ford, Kelloggís, Marriott, Norton, Toyota, Sprint, Walgreens and Western Union."

The company obviously earns by offering such ad placement to ad exchanges or directly to companies looking for more exposure, but the problem is that anyone can buy ad space from Sambreel, and it just so happens that malware peddlers also do.

In one example, the injected ad sports a fake alert saying that the user should do well to update their Java, but clicking on the "OK" button will take them to a third-party disreputable site.

"This sort of malvertising would be unlikely to impact YouTube users without Sambreelís involvement. Google has strict ad-quality processes, and Sambreelís plugins bypass these," the researchers explained. So, not only does the company hurt legitimate advertisers, but random users as well.

According to BBC News, one of the Sambreel subsidiaries stated that the offending browser plugins have been discontinued, but that seems to have happened only after the researchers made the company's actions public.

A Google spokeswoman said that the company is aware of "bad actors" such as this one and has banned all of them from using Google's monetization and marketing tools.

According to, some 3.5 million people installed one of Sambreelís YouTube-focused adware plugins before this, and they have surely pulled in some serious money.


How security pros deal with cybercrime extortion

1 in 3 security professionals recommend negotiating with cybercriminals for the return of stolen data or the restoration of encrypted files. 86% of security professionals believed their peers at other organizations have brokered deals with cybercriminals.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Apr 1st