Share the post "White Ops has uncovered the largest and most profitable ad fraud operation – Methbot"
American cybersecurity company White Ops claims it has exposed one of the biggest online scam – Methbot. The first suspicious activities under a unique bot signature were noticed in September 2015. On October 2016, Methbot began to scale aggressively.
HOW DOES IT WORK?
Current digital advertising market relies on the electronic auction system that helps to conduct operations between advertisers and media companies. Advertisers employ a large number of ad buyers to purchase advertising time on websites on the Internet. These processes automated via software exchanges that connect buyers and sellers of online video. The vast number of transactions happen each second there. So, it is such kind of marketplace where both sides meet to make a deal. The process itself was subjected to attack: Methbot provides fake advertising inventory into the system and then produces false views of the advertisements aiming to get money from the unwitting buyers of the ad.
Methbot infrastructure, Source: White Ops
All actions of the scams were well thought out: created fake records of users’ online activities, which make to believe that the bots are real humans; used dedicated servers to run proxies, thus it was almost impossible to notice that all traffic was coming from one place (800 – 1,200 dedicated servers operating from data centers in the US and the Netherlands); used falsified documents to gain access to real IP addresses, so it seemed that ad traffic was coming from actual Internet providers (800 – 1,200 dedicated servers operating from data centers).
“Compared to similar ad and click-fraud operations, Methbot is unique because it relied on data center servers, instead of botnets of computers and smartphones infected with malware, such as ZeroAccess, Chameleon, Ponmocup, Million-Machine, and HummingBad.” – Catalin Cimpanu, (December 20, 2016)
The scale of results is striking: 200 – 300 million video ad impressions generated per day on fabricated inventory; 250,267 distinct URLs spoofed to falsely represent inventory; 6,111 premium domains targeted and spoofed. Among their targets were expensive ad spaces and prestigious sites such as ESPN, Fortune, Huffington Post, Economist, CBS, Fox News, and Fortune.
Per the White Ops report the financial losses many times as large than those done by earlier discovered botnets.
Methbot’s profits as compared with different ad bots that wielded before it , Source: White Ops
White Ops published information on their website about what additional actions advertisers, agencies, platforms, and publishers can undertake to protect themselves from this scams.
What do you think about cybersecurity? Do you feel safe online?
Sources:
The entire report of White Ops is available at this link – The Methbot Operation, December 20, 2016