Home Online Advertising Why The DOJ Finally Cracked Down On Ad Fraud

Why The DOJ Finally Cracked Down On Ad Fraud

SHARE:

Until now, if an ad fraud scam was uncovered, the criminals behind it would usually fade back into the shadows with impunity, and shortly thereafter, they’d be back at it again – the seemingly eternal game of Whac-A-Mole.

This time, there’s accountability.

Two global botnets, Methbot and 3ve, are no more, and there are real people facing charges.

On Tuesday, the Department of Justice unsealed indictments against eight men from Russia and Kazakhstan accused of running the schemes, which collectively sucked millions of dollars out of the advertising ecosystem over several years.

Three of the accused perpetrators are awaiting extradition, and the remaining five are still at large. They’ve been charged with 13 counts, including money laundering, wire fraud, computer intrusion and aggravated identity theft. [Read the indictment here.]

The Federal Bureau of Investigation collaborated with White Ops, Google and a group of other ad tech companies to dismantle the operations. Methbot was shut down in December 2016, close to the time White Ops went public with the more than 4,000 compromised IP addresses involved in the plot.

The 3ve botnet, which exploited a combination of counterfeit websites, malware, a fake ad network and seats on legit exchanges to do its bidding, was dismantled in October. (Fun fact: “3ve,” pronounced “Eve,” is a portmanteau of “three,” for the three sub-operations within 3ve, and the word “evasion.” Buzzfeed has a detailed report on 3ve’s crackdown.)

But the consequences of this ad fraud campaign are different, said White Ops CEO Sandeep Swadia: “There are handcuffs involved.”

But why now and why is the DOJ interested in this case? Ad fraud has been plaguing the ad industry since the Internet was born.

It came down to two factors: actionable data and a willingness to act, said Tamer Hassan, CTO and co-founder of White Ops.

After White Ops published its paper on Methbot in 2016, federal law enforcement decided it had enough data and materials for the FBI Cyber Division to start tracking other ad fraud operations.

The amount of money involved clearly also piqued the FBI’s interest. The 3ve investigation could shed light on where the cash goes once it’s been stolen.

“When you hack 1.7 million machines at any given time, what else can you do with it? When you make this kind of money, where else can you invest? That is TBD,” Swadia said. “But there are so many downstream possibilities that curbing that flow of money to these guys is the most important thing. That’s why the DOJ was very keenly involved in doing this at a global level.”

Another motivator was the “sheer sophistication and ambition” of the 3ve fraud scheme, which was “metastasizing across the entire ecosystem,” Swadia said.

Shutting down Methbot was a matter of publishing IP addresses to blacklist, but the 3ve case required bigger guns. Simply shutting it down would have tipped off the perps. That’s why killing 3ve required a coordinated effort between the FBI, cybersecurity experts and the ad industry.

And now that there’s a real deterrent against ad fraud, the ad industry has one of the most important tools it was missing to win the war against ad fraud.

“The key here is having consequences,” said Per Bjorke, a product manager for ad traffic quality at Google, who worked closely with the DOJ and White Ops on the takedown. “People are going to now think twice, because they could end up getting arrested and extradited out of their country.”

And now that the ball is rolling, we could see more activity in the year to come, said Amy King, VP of product marketing at fraud detection company Pixalate.

“This case sets a precedent for holding fraudsters accountable,” King said, “We believe there will be more to come in 2019.”

The DOJ did not respond to questions in time for publication.

Tagged in:

Must Read

Kickbacks Takes An Outsider’s View While Bringing Ads To AI Agents

Andrew McCalip is a founding engineer at Varda Space Industries, where he oversees the manufacturing of things like hypersonic reentry vehicles and satellite buses.

CTV Buyers Are Getting The Show-Level Performance Optimization They’ve Always Wanted

A collaboration between InterMedia Advertising, Peer39 and Pontiac Intelligence provided show-level cost-per-acquisition data for 94% of CTV ad impressions.

Advertisers Await Programmatic Pause Ads

The IAB Tech Lab is working on standardizing programmatic signals for new streaming TV ad formats, including pause ads. Meanwhile, many brands are eager to add pause ads to their repertoire.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Why Media Mergers And Spin-Offs Don’t Always Keep Their Promises

With media megamergers, acquisitions and spin-offs left and right, the media landscape is changing at a pace that is difficult to keep up with.

TransUnion is partnering with Blockgraph so that advertisers can use its identity data to target, reach and measure TV households across channels.

How This Disaster Relief Nonprofit Tapped First-Party Data To Reach Donors Year-Round

Staying top of mind for potential donors is an ongoing challenge for Direct Relief. Nexxen’s audience curation helped it spread and sustain awareness.

Why Major UK Publishers Are Finally Joining Forces To Curate Ad Inventory

Atria’s collective approach is a response to growing monetization challenges and the need to protect the value of human journalism in the AI era.