Home Online Advertising To Catch A Botnet

To Catch A Botnet

SHARE:

botnetThe growth of Real-Time Bidding (RTB) has created a paradox for those trying to root out ad quality issues of all kinds. On the one hand, the rise of viewability measurement and the relatively small number of scaled RTB marketplaces has made it easier to identify and police worthless impressions. But it’s also easier for unscrupulous media sellers to make fraudulent inventory look legitimate, and then sell through exchanges — creating something of a new dawn for bad actors.

The rising opportunity for shady media sellers is apparent in a botnet described this morning by London-based ad measurement and viewability firm Spider.io. Spider.io has observed 120,000 host machines on what it has dubbed the “Chameleon” botnet. It says these machines are driving traffic to a cluster of at least 202 websites, resulting in a minimum of 9 billion monthly ad impressions served.

This traffic often appears human, suggesting a high level of sophistication. Chameleon machines click on ads at a rate consistent with the general population – about 0.02% – and they even generate rollovers on 11% of impressions.

The sites receiving this non-human traffic are spread across several networks, but one U.S.-based firm in particular is strongly represented, according to sources.

AdExchanger spoke with several senior executives at this company, which owns 75-80 websites that sell billions of monthly impressions but lack recognizable brands. The company says it buys significant traffic from numerous sources, but denies owning or knowingly working with a botnet.

However these executives said they wouldn’t be surprised to learn of ad quality problems on their sites – partly because they’ve observed strange things themselves.

Among those characteristics is a lack of variation in browser versions, the company’s COO tells AdExchanger.

As it turns out, the browser version issue is consistent with what Spider.io has observed with Chameleon. From Spider.io’s disclosure:

“The bot browsers report themselves as being Internet Explorer 9.0 running on Windows 7. The bots visit the same set of websites, with little variation. The bots generate uniformly random click co-ordinates across ad impressions.”

But even as it has seen problems with its own traffic, the company has resisted overtures by companies representing advertisers. Its chief operating officer said the firm was approached by two viewability vendors who asked to run their tags, but declined to participate because “they wouldn’t tell us how they do it.”

Even viewability proponents are quick to point out that publishers receiving traffic windfalls from Chameleon and similar botnets may be unwitting pawns in another party’s fraud scheme. Even so, they are large beneficiaries of that scheme, and there are large short-term incentives to look the other way.

Subscribe

AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Spider.io founder Douglas de Jager says, “Any publisher experiencing a huge growth in traffic should take responsibility for knowing where that traffic originates.

Media6Degrees is among the companies very active in trying to reduce botnet traffic and other sources of fraudulent inventory.

Chief Operating Officer Andrew Pancer said, “We have seen botnet traffic grow significantly over the past 18 months. It’s a big concern for us, especially as we all see the huge potential in programmatic buying.”

Must Read

Scott Spencer’s New Startup Wants To Help Users Monetize Their Online Advertising Data

What happens when an ad tech developer partners with a cybersecurity expert to start a new company? You end up with a consumer product that is both a privacy software service and a programmatic advertising ID.

Former FTC commissioner Alvaro Bedoya speaks to AdExchanger Managing Editor Allison Schiff at Programmatic IO NY 2025.

Advertisers Probably Shouldn’t Target Teens At All, Cautions Former FTC Commissioner

Alvaro Bedoya shared his qualms with digital advertising’s more controversial targeting tactics and how kids use gen AI and social media.

Wall Street Turned Against Ad Tech – But May Learn To Love It Again

What can pureplay ad tech companies do to clean up their rep on the Street?

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

AppsFlyer and Roku’s New SRN Integration Will Shed Light On CTV Campaign Impact

Roku and AppsFlyer announced the launch of a new self-reporting network (SRN) integration between both companies, which will allow mobile app advertisers to more effectively measure their streaming video campaigns

Comic: Gamechanger (Google lost the DOJ's search antitrust case)

DOJ v. Google: How Judge Brinkema Seems To Be Thinking After Week One

Where the DOJ v. Google ad tech antitrust trial stands after one week’s worth of remedies arguments.

Swish, A Company That's Bringing Programmatic to Product Sampling, Announces Seed Funding

Swish, a startup that partners with retailers to provide product full-size CPG samples to people doing their grocery shopping online, announces $2.3 million in seed funding.