One of AT&T’s free Wi-Fi hotspots is allegedly injecting ads that annoy users, slow browsing and clutter web pages, according to Jonathan Mayer, a computer scientist at Stanford.
While browsing the airport’s AT&T-powered Wi-Fi network, Mayer noticed ads appearing on educational, government and ad-supported sites such as The Wall Street Journal. He investigated the source and found three lines of code were added to the traffic.
The ad-injection platform seems to have been built by a company called RaGaPa.
Ad-injectors also pose security risks to unencrypted (HTTP) traffic. They threaten users’ security by breaking browser encryption to place ads that can serve malware, steal account credentials and hijack search queries and report users’ activity to third parties for tracking.
In 2014, 5.5% of visitors to a Google site were served malicious ads, according to a Google study.
One solution is to use a VPN service, which encrypts all traffic passing over the Wi-Fi network while also stopping ad injectors.
source : hotforsecurity