Russian hackers have been all over the news this year. First there were allegations of hacking into the DNC and trying to tamper with the U.S. presidential election.
Then, after the election, we told you about Russian hackers launching a massive phishing scheme. Now, a team of Russian hackers is being accused of stealing millions of dollars a day through a fraudulent ad scheme.
The security firm White Ops has discovered an elaborate variation of a botnet that it's calling "Methbot."
How the Methbot operation works
Methbot deceives ad networks into playing videos on fake sites, which the scammers have also created. The videos are then viewed by bots that are disguised as real people.
The crooks are then paid by the ad networks for an enormous number of views. The larger the number of ad views, the larger the payout. White Ops estimates the scam is bringing in around $3 million each day for the cybercriminals. This is the biggest known operation of its kind.
The scheme is quite complex. First, the hackers, referred to as Ad Fraud Komanda (AFK13), had to register over 6,000 fake domains that spoof real websites. Then they had to create over 250,000 fake URLs that are used to host video ads.
The hackers get paid after tricking ad networks into playing video ads on their fake sites. They just had to set the bots up to watch the ads, creating a massive amount of ad views. These "bot farms" are operating out of data centers in the U.S. and the Netherlands.
In an effort to shut this operation down, White Ops has teamed with the Trustworthy Accountability Group (TAG) and is releasing the following data:
- IP addresses known to belong to Methbot, which advertisers, agencies, and technology providers can block to prevent ads from appearing on Methbot inventory.
- Falsified domain list.
- Full URL list to show the magnitude of impact this operation had on the publishing industry. These publishers were impersonated and deprived of revenue opportunities because of this operation.
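As an added illustration (not code from White Ops, TAG, or this article), here is one way an advertiser or ad-tech provider could apply a released IP list and falsified-domain list to its own impression logs. The IP ranges, domains, and log format below are constructed placeholders, not values from the actual release.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed placeholders (documentation ranges / .example names),
# standing in for the published IP list and falsified-domain list.
BLOCKED_NETS = [ipaddress.ip_network(n)
                for n in ("192.0.2.0/24", "198.51.100.128/25")]
FALSIFIED_DOMAINS = {"news-site.example", "video.sports.example"}

# Constructed impression log: (client IP, page URL, payout in USD).
SAMPLE_LOG = [
    ("192.0.2.17", "http://news-site.example/video/123", 0.013),
    ("203.0.113.5", "https://real-publisher.example/watch", 0.011),
    ("203.0.113.9", "http://cdn.video.sports.example/clip?id=9", 0.012),
    ("198.51.100.200", "https://real-publisher.example/watch", 0.010),
    ("not-an-ip", "https://real-publisher.example/", 0.010),
]

def ip_blocked(ip_text):
    """True if the client IP falls inside any blocked network."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # malformed field: not matched here, handle separately
    return any(ip in net for net in BLOCKED_NETS)

def domain_falsified(url):
    """True if the URL's host is a listed domain or a subdomain of one."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    # Compare whole-label suffixes so "notnews-site.example" does not match.
    return any(".".join(labels[i:]) in FALSIFIED_DOMAINS
               for i in range(len(labels)))

def classify(record):
    """Return the reasons ("ip", "domain") a record matches the lists."""
    ip_text, url, _payout = record
    reasons = []
    if ip_blocked(ip_text):
        reasons.append("ip")
    if domain_falsified(url):
        reasons.append("domain")
    return reasons

def summarize(log):
    """Return flagged (record, reasons) pairs and the total payout at risk."""
    flagged = [(r, classify(r)) for r in log if classify(r)]
    return flagged, sum(r[2] for r, _ in flagged)

if __name__ == "__main__":
    flagged, exposure = summarize(SAMPLE_LOG)
    for record, reasons in flagged:
        print(record[0], record[1], "+".join(reasons))
    print(f"payout exposed to listed inventory: ${exposure:.3f}")
```

Matching on either list matters because the two catch different traffic: a spoofed domain can be requested from an unlisted address, and a listed address can request a legitimate publisher's page.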
This type of attack might not affect you directly right now, but if companies continue to lose massive amounts of ad revenue, who knows what the future can bring?