Cyber Security News

Researchers Uncover that UK.GOV Websites Sending Data to Chinese Ad Vendor Analysts

Analysts from Silent Push, a data analytics firm, have uncovered several UK government websites sending user data to a controversial Chinese advertising technology vendor, Yeahmobi.

This discovery raises significant concerns about privacy and the integrity of data handling by public sector organizations.

Data Collection Methods

Silent Push’s investigation began with implementing three core ad tech standards—ads.txt, app-ads.txt, and sellers.json—into their data collection practices.

These standards are crucial for transparency in digital advertising, providing clear information about which companies are authorized to sell or resell ad inventory.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

By utilizing a custom query language, SPQL, Silent Push was able to identify unique ad account IDs linked to the advertising vendors on public websites.

Their analysis revealed that 18 UK public organizations, including local councils like Havant Borough Council, South Gloucestershire Council, and the Met Office, have been using services provided by Yeahmobi to serve advertisements on their domains.

An example of banner advertising seen at the bottom of the homepage @ https://lancashire.gov.uk/

Notably, Yeahmobi has previously been flagged by Google for malicious practices related to ad fraud and attribution abuse.

The involvement of Yeahmobi, a company previously blacklisted for malicious SDKs (Software Development Kits), in handling data from UK government websites poses serious privacy concerns.

The exact volume and nature of the collected data remain unclear, but the potential for misuse or unauthorized access to sensitive information cannot be ignored.

This situation is particularly alarming given the public’s trust in government platforms to safeguard their personal information.

UK Government Response

As of now, the UK government has not issued a formal response to these findings.

The revelation that local council websites, which are not prohibited from engaging in programmatic advertising, have partnered with a questionable foreign entity demands urgent attention and action.

Figure 2Example of banner advertising seen on the “Public Health” page of https://lancashire.gov.uk/

It is imperative for public sector organizations to ensure compliance with national data protection laws and uphold the highest standards of transparency and security in their digital operations.

Chinese Ad Vendors Involved

Yeahmobi, the Chinese ad vendor at the center of this controversy, has a checkered past, including being implicated in ad fraud and the use of malicious software.

Despite these issues, Yeahmobi has managed to infiltrate the digital advertising space on UK government websites, prompting questions about these public organizations’ oversight and due diligence processes.

The findings by Silent Push serve as a crucial wake-up call for the UK public sector to reevaluate its digital advertising partnerships and prioritize the privacy and security of citizen data.

As the situation develops, it will be essential to monitor any governmental actions taken to address these serious concerns and ensure that similar risks are mitigated.

Free Webinar: Mastering Web Application and API Protection/WAF ROI Analysis -  Book Your Spot

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Hackers Exploiting Docusign With Phishing Attack To Steal Credentials

Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make it a highly effective and low-cost…

1 day ago

Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks

A very important message from the Norwegian National Cyber Security Centre (NCSC) says that Secure Socket Layer/Transport Layer Security (SSL/TLS)…

3 days ago

New Linux Backdoor Attacking Linux Users Via Installation Packages

Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices, which makes it an attractive target…

3 days ago

ViperSoftX Malware Uses Deep Learning Model To Execute Commands

ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine, to target infected systems, which extracts…

3 days ago

Santander Data Breach: Hackers Accessed Company Database

Santander has confirmed that there was a major data breach that affected its workers and customers in Spain, Uruguay, and…

3 days ago

U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers

The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and…

3 days ago