NEW YORK: Russia-based cyber fraudsters have been stealing as much as $3m to $5m a day from some of the largest US brands and media companies, according to digital security firm White Ops.
These so-called "Methbot" operators – named after references to "meth" that showed up in the software code – are said to have been running the largest and most profitable advertising scam involving bots that the industry has seen to date.
The sophisticated operation used bots, or computer programs that mimic human activity, to target premium programmatic video inventory and is estimated to have generated up to 300m bogus video ad impressions per day.
Whereas most bot scams infect consumers' computers with malware to serve ads seen by no one, the Methbot fraud differed in its scale and sophistication by creating more than 571,000 fake IP addresses and registering them with internet service providers in the US, including AT&T, Comcast and Verizon.
That made it appear as if traffic from Methbot's servers in Dallas and Amsterdam was coming from genuine users across America.
Around 250,000 fake web pages were created to fool advertisers into serving ads that were never watched and White Ops calculated that more than 6,000 top publisher websites were affected, included those of ESPN, Fox News, The Huffington Post and others.
Commenting on his company's research, Michael Tiffany, co-founder and CEO of White Ops, said: "Methbot elevates ad fraud to a whole new level of sophistication and scale.
"The most expensive advertising on the internet is full-sized video ads, on name brand sites, shown to users who are logged into social media and who show signs of 'engagement'.
"The Russian operators behind Methbot targeted the most profitable ad categories and publishers. They built their infrastructure and tools and compromised key pieces of architectural Internet systems to maximise their haul. Methbot is a game changer in ad fraud and further evidence that the issue of human verification is constantly evolving and innovating, not abating."
Data sourced from White Ops; additional content by Warc staff