Home Online Advertising To Catch A Botnet

To Catch A Botnet

SHARE:

botnetThe growth of Real-Time Bidding (RTB) has created a paradox for those trying to root out ad quality issues of all kinds. On the one hand, the rise of viewability measurement and the relatively small number of scaled RTB marketplaces has made it easier to identify and police worthless impressions. But it’s also easier for unscrupulous media sellers to make fraudulent inventory look legitimate, and then sell through exchanges — creating something of a new dawn for bad actors.

The rising opportunity for shady media sellers is apparent in a botnet described this morning by London-based ad measurement and viewability firm Spider.io. Spider.io has observed 120,000 host machines on what it has dubbed the “Chameleon” botnet. It says these machines are driving traffic to a cluster of at least 202 websites, resulting in a minimum of 9 billion monthly ad impressions served.

This traffic often appears human, suggesting a high level of sophistication. Chameleon machines click on ads at a rate consistent with the general population – about 0.02% – and they even generate rollovers on 11% of impressions.

The sites receiving this non-human traffic are spread across several networks, but one U.S.-based firm in particular is strongly represented, according to sources.

AdExchanger spoke with several senior executives at this company, which owns 75-80 websites that sell billions of monthly impressions but lack recognizable brands. The company says it buys significant traffic from numerous sources, but denies owning or knowingly working with a botnet.

However these executives said they wouldn’t be surprised to learn of ad quality problems on their sites – partly because they’ve observed strange things themselves.

Among those characteristics is a lack of variation in browser versions, the company’s COO tells AdExchanger.

As it turns out, the browser version issue is consistent with what Spider.io has observed with Chameleon. From Spider.io’s disclosure:

“The bot browsers report themselves as being Internet Explorer 9.0 running on Windows 7. The bots visit the same set of websites, with little variation. The bots generate uniformly random click co-ordinates across ad impressions.”

But even as it has seen problems with its own traffic, the company has resisted overtures by companies representing advertisers. Its chief operating officer said the firm was approached by two viewability vendors who asked to run their tags, but declined to participate because “they wouldn’t tell us how they do it.”

Even viewability proponents are quick to point out that publishers receiving traffic windfalls from Chameleon and similar botnets may be unwitting pawns in another party’s fraud scheme. Even so, they are large beneficiaries of that scheme, and there are large short-term incentives to look the other way.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Spider.io founder Douglas de Jager says, “Any publisher experiencing a huge growth in traffic should take responsibility for knowing where that traffic originates.

Media6Degrees is among the companies very active in trying to reduce botnet traffic and other sources of fraudulent inventory.

Chief Operating Officer Andrew Pancer said, “We have seen botnet traffic grow significantly over the past 18 months. It’s a big concern for us, especially as we all see the huge potential in programmatic buying.”

Must Read

Rest In Privacy, Sandbox

Last week, after nearly six years of development and delays, Google officially retired its Privacy Sandbox.
Which means it’s time for a memorial service.

AWS Launches A Cloud Infrastructure Service For Ad Tech

AWS RTB Fabric offers ad tech platforms more streamlined integrations with ecosystem and infrastructure partners, allegedly lower latency compared to the public internet and discounts on data transfers.

Netflix Boasts Its Best Ad Sales Quarter Ever (Again)

In a livestreamed presentation to investors on Tuesday, co-CEO Greg Peters shared that Netflix had its “best ad sales quarter ever” in Q3, and more than doubled its upfront commitments for this year.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
Comic: No One To Play With

Google Pulls The Plug On Topics, PAAPI And Other Major Privacy Sandbox APIs (As The CMA Says ‘Cheerio’)

Google’s aborted cookie crackdown ends with a quiet CMA sign-off and a sweeping phaseout of Privacy Sandbox technologies, from the Topics API to PAAPI.

The Trade Desk’s Auction Evolutions Bring High Drama To The Prebid Summit

TTD shared new details about OpenAds features that let publishers see for themselves whether it’s running a fair auction. But tension between TTD and Prebid hung over the event.

Monopoly Man looks on at the DOJ vs. Google ad tech antitrust trial (comic).

How Google Stands In The DOJ’s Ad Tech Antitrust Suit, According To Those Who Tracked The Trial

The remedies phase of the Google antitrust trial concluded last week. And after 11 days in the courtroom, there is a clearer sense of where Judge Leonie Brinkema is focused on, and how that might influence what remedies she put in place.