Newsweek Media Group Websites Ran Malicious Code That Experts Say Is Used To Commit Ad Fraud

The company said it is conducting an internal investigation “to identify the individuals responsible and will take the necessary action.”

The embattled publisher of Newsweek and the International Business Times on Tuesday admitted that three of its websites were running malicious code that experts say is used to commit ad fraud.

Newsweek Media Group issued a press release Tuesday afternoon that said the company “has been alerted to a piece of potential code that disrupted ad tracking and ad viewability. This piece of code affected IBTimes.sg, IBTimes.co.in and IBTimes.co.uk.”

NMG said it is conducting an internal investigation “to identify the individuals responsible and will take the necessary action.”

The admission comes after a BuzzFeed News report last month revealed that investigations by multiple ad technology firms found that several of the publisher’s sites were buying traffic and engaging in ad fraud. At the time the company denied any fraudulent activity.

A source told BuzzFeed News that the sudden admission by NMG may be connected to ongoing reporting by the Wall Street Journal. A recent Journal story revealed new details about an investigation into NMG by the Manhattan District Attorney, including that the DA is now looking into reports of ad fraud.

BuzzFeed News asked NMG if its press release was issued as result of questions from the Journal. “The press release speaks for itself,” said Ken Frydman, CEO of Source Communications, a PR firm recently retained by the company.

The malicious code loaded on NMG’s sites was first discovered by DoubleVerify, a digital media measurement company, last year. The firm previously told BuzzFeed News that as a result of a detailed investigation into NMG properties it classified IBT’s Singapore, India, UK, and US sites “as having fraud or sophisticated invalid traffic.”

DoubleVerify also classified Newsweek’s UK edition as fraudulent, and the company's chief operating officer, Matt McLaughlin, said that site contained the same malicious code that NMG acknowledged Tuesday. NMG declined to say why its statement did not list Newsweek UK as one of the sites containing the code.

Less than 20 minutes after issuing its press release about malicious code, the company sent another release to announce new appointments and a “strategic investment” in Newsweek, which NMG CEO Dev Pragad called the “the jewel in our crown.”

McLaughlin told BuzzFeed News that the code used by NMG is designed to interfere with the ability of third-party measurement systems to determine how much of a digital ad was viewable during a browsing session. In order for an ad impression to be considered valid, it must be at least partially viewable to a user. This code manipulated data to ensure that otherwise unviewable ads showed up in measurement systems as valid impressions, which resulted in payment being made for the ad.

McLaughlin said the code is often injected into the browser by a bot visiting a site. It’s extremely rare to find an ostensibly reputable publisher running this type of code, he said.

“We’ve seen it on a few sites that have been very low volume and generally not important in the industry. This is by far the largest group of sites where we’ve seen it directly on the site,” he told BuzzFeed News.

The revelation of the code further validates findings outlined in the previous BuzzFeed News article, which revealed that several IBT properties were buying traffic that originated on pirated video-streaming and file-sharing websites. When a user visited these sites, a new browser window was automatically opened as a pop-up or pop-under. NMG then routed this low-quality traffic through other domains in order to disguise its origins and make it seem like high-quality referral traffic.

McLaughlin said the malicious code on the IBT sites and Newsweek UK is specifically used to ensure that ads hidden in a pop-under window, for example, are rated as fully viewable even when the user can’t see them.

“By combining the automated traffic buying with this malicious browser override they made impressions that had low viewability due to invalid traffic acquisition look to be more legitimate in their viewability metrics,” he said.

NMG’s press release said it is currently working with three accredited verification companies to measure its traffic, and that it is in the process of getting certified with the Trustworthy Accountability Group, an industry initiative to combat ad fraud.

TAG CEO Mike Zaneis told BuzzFeed News that it has "just begun working with Newsweek."

"We believe they are committed to not only responding to the current problems exposed on their sites, but also in developing a proactive strategy for making them safer long term. TAG can be a partner for any publisher in that endeavor," he said.

Skip to footer