A group of hackers is making between $3 Million to $5 Million per day from United States brands and media companies in the biggest digital ad fraud ever discovered.
Online fraud-prevention firm White Ops uncovered this new Ad fraud campaign, dubbed "Methbot," that automatically generates more than 300 Million fraudulent video ad impressions every day.
The cyber criminal gang, dubbed AFT13, has developed Methbot robo-browser that spoofs all the necessary interactions needed to initiate, carry out and complete the ad transactions.
The hackers, allegedly based in Russia, registered more than 6,000 domains and 250,267 distinct URLs impersonating brand and names of high-profile websites like ESPN, Vogue, CBS Sports, Fox News and the Huffington Post, and selling fake video ad slots.
Cyber criminals behind Methbot are using servers hosted in Texas and Amsterdam to power more than 570,000 bots with forged IP addresses, mostly belongs to the United States, which make it appear ads are being viewed by US visitors.
But in reality, these video ads are viewed by Methbot's fake viewers, as the fraud also includes an automated software program that mimics a user watching ads.
To make their bots look more real, the gang is using methods like automated faked clicks, social network login information, and mouse movements.
🔐 Mastering API Security: Understanding Your True Attack Surface
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join our insightful webinar!Join the Session
The security firm found that the fraudsters' bot army watched as many as 300 Million ads per day, with an average payout of $13.04 per 1000 faked views.
If you multiply this number by more than 570,000 compromised IP addresses, the money rolls in.
The company believes that Methbot creates an estimated between 200 Million and 300 Million fraudulent video ad impressions per day, targets roughly 6,000 publishers and generates between $3 Million and $5 Million in revenue every 24 hours.
White Ops initially noticed the activity of Methbot last year in September, but in October 2016, the campaign dramatically risen.
The Methbot operation is headquartered in Russia but uses data centers in Dallas and Amsterdam. Although this information is not enough to prove that the hackers are of Russian origin, White Ops evidently believes that the hacker group is based in Russia.
White Ops has notified the FBI about the scam and has been working with federal law enforcement for weeks now.