A group of cyber criminals simulated the display of video ads and earned up to $5 million a day
It has already been called the scam of the century: clever, sophisticated, ingenious. A system studied in detail that, using a network of 500,000 bots programmed to simulate human computer behavior, has earned hundreds of millions to the detriment of numerous online advertising agencies.
The scam, renamed Methbot, was discovered and analyzed by experts from White Ops, a company that deals with computer security. Its technicians have reconstructed the ingenious techniques used by hi-tech criminals to bypass the control systems of those who manage online advertising just to avoid situations like this one, i.e. manipulate the data related to the number of accesses to the various web pages and the interaction with banners and/or videos. The deception has been studied to perfection because nobody for months has noticed anything. How is this possible? “Because no one, in reality, has stolen anything” explains Michael Tiffany, CEO White Ops.
How online advertising works
Everyone now knows that sites live on advertising and that, the higher the number of accesses, i.e. the number of users who visit a given site, the greater the chances of earning with the banners they host on their pages. Banners, but also video ads that are currently the most profitable. Ed esattamente come avviene per la carta stampata con i dati sulla diffusione e il venduto, anche online è fondamentale conoscere il numero di accessi e l’interazione con la pubblicità. Esistono, quindi, dei sistemi che certificano queste informazioni per calcolare il valore di un sito e, di conseguenza, il costo per l’inserzionista che fa pubblicità e il guadagno per la concessionaria e il sito in questione.
Fonte foto: Pixabay
L’analisi del traffico dati è fondamentale per calcolare i proventi della pubblicità online
Come è organizzata la truffa della pubblicità online
Methbot era organizzata in questo modo. I criminali, innanzitutto, sono riusciti a entrare nel giro della pubblicità online proponendo di vendere un certo numero di visualizzazioni e dimostrare che le visualizzazioni erano realmente effettuate da persone in “carne e ossa”. Come ci sono riusciti? With an army of over 500 thousand bots under their control, all of which had an IP address coming from the main American Internet Providers even though, in reality, the network of zombie computers was located somewhere else. These bots, finally, simulated perfectly the human behavior with a lot of movement of mouse and keyboard, a history of visited sites, even with Facebook profiles and other social networks. The system was designed, as mentioned, to perfection: different operating systems, different browsers, different versions, different connection locations – all so as not to arouse suspicion. And the bots did only one thing: display video ads, thus making the architects of this digital scam earn millions of dollars. White Ops experts realized this because at some point the creators of the Methbot system began to “overdo it” and traffic on some sites became abnormal as a result. But no one, not even White Ops, can assure that these bots have stopped “working. The scam has been identified, but the rest seems to be still in the air.
Gaining up to $5 million a day with online advertising
So, whoever came up with this scam is not the classic ransomware developer or a hacker capable of breaking into even the most secure sites to get hold of sensitive information. This is someone who has combined very advanced computer skills with an in-depth knowledge of the world of online advertising and the control techniques used by industry players to avoid data manipulation. That said, the scam becomes easier to understand. Let’s say that a thousand views of a given video are paid an average of $15, give or take a few dollars, and White Ops experts claim that these criminals were able to simulate 300 million “impressions” (or views) per day. In questo modo arrivavano a guadagnare fino a 5 milioni di dollari al giorno per la visualizzazione di pubblicità che, in realtà, nessuno “umano” ha mai visto. E senza che nessuno se ne accorgesse per mesi, e forse per anni.
Fonte foto: Shutterstock
Clicca sull’immagine per accedere alla gallery con 5 consigli su come difendersi dagli hacker