U.S. brands using ad exchanges for their placements are getting conned by Russian hackers in an elaborate scheme that’s costing advertisers $5 million a day, according to White Ops, a New York-based cybersecurity services provider that’s worked on ad fraud reports with the Association of National Advertisers in the past. That’s $180 million in online ads so far, calculates CNNtech.
This discovery comes days after the CIA announced on Dec. 9 that Russians hacked Democratic email servers in order to influence the presidential election.
Now, with the release of this Dec. 20 study from White Ops (opens as a PDF), marketers are learning that the company discovered the fraud after its clients started getting attacked in October.
“Ominously dubbed the ‘Methbot Operation’ (after the word ‘meth’ that appears in the code),” writes The Hustle yesterday, “a group of Russian hackers appear to be making $3 [million] to $5 [million] a day by showing real video ads to fake people on fake websites for ‘real’ clicks.”
The word “meth” may have no relation to the drug, as computer coders use language that makes no sense to laymen. For instance, “ice cream sandwich” is an older Android code and “Jelly Bean” is a newer operating system, perhaps because those coders are hungry for candy and sweets.
As for the route of the hack, White Ops says “Methbot operators farm out their operations across a distributed network based on a custom browser engine running out of data centers on IP addresses acquired with forged registration data.”
The Hustle puts it more simply.
“Step One was creating over 6,000 domains with [250,000] unique URLS that looked, at least on the surface, the same as major publishers like ESPN or Vogue,” reads the article. “This, in turn, tricked ad-serving algorithms into sending them the most profitable video ads.”
So just in time for the holiday ad cycle, Russian hackers had bots watching videos so fake sites could collect real money. The problem was, they got greedy.
“On October 5, 2016,” reads the White Ops report, “Methbot began to scale aggressively, reaching as many as 137 million impressions per day by the end of the week. The operation continued to expand rapidly. By mid-October, the White Ops MediaGuard Prevention Service was detecting three to five billion bid requests per day from Methbot spread across multiple ad platforms. By the end of the month, the bot farm had spread to affect 32 distinct clients upon which White Ops had detected or blocked activity.”
[Author’s note: While this is unlike the situation in which Kellogg’s and other brands found themselves by advertising on Breitbart.com, it does point to the reality that marketers need to watch where their ad dollars are going. Is it on a reputable site? It might be a good idea to check.]
What do you think, marketers?
Please respond in the comments section below.