Ad Fraud Criminal Network Busted -- Breaking news

[Graybeard]

I wonder how this fraud affected your ad buys and your ad sales?
How did this affect your CR and EPC?

• Did you get ripped off with fake traffic?
• Did you get accused of sending fake traffic as a publisher?
• Do you understand what has happened here and do you give a shit?

Source and indictment filed 11/27/2018:

Feds take down international hacker ring that cost advertisers millions - Marketing Land

Two International Cybercriminal Rings Dismantled and Eight Defendants Indicted for Causing Tens of Millions of Dollars in Losses in Digital Advertising Fraud

https://www.justice.gov/usao-edny/press-release/file/1114576/download
^^^indictment


RMT:SK/AFM/MTK
F. #2016R02228
UNITED STATES DISTRICT COURT
EASTERN DISTRICT OF NEW YORK

UNITED STATES OF AMERICA
- against -
ALEKSANDR ZHUKOV,
BORIS TIMOKHIN,
MIKHAIL ANDREEV,
DENIS AVDEEV,
DMITRY NOVIKOV,
SERGEY OVSYANNIKOV,
ALEKSANDR ISAEV and
YEVGENIY TIMCHENKO,
Defendants


________________________________
THE GRAND JURY CHARGES:

...

Brands commonly paid for advertising on a lump-sum basis,and publishers commonly received payment based on how many times users clicked on or viewed advertisements (sometimes referred to as "impressions").
The entities in between the brands and the publishers—the DSPs, SSPs and ad networks that connected SSPs with publishers—charged fees along the way.

3.
The defendants in this case used sophisticated computer programming and infrastructure spread around the world to exploit the digital advertising industry through fraud.
They represented to others that they ran legitimate ad networks that delivered advertisements to real human internet users accessing real internet webpages.
In fact, the defendants faked both the users and the webpages: in each of the charged schemes, they programmed computers they controlled to load advertisements on fabricated webpages, via an automated program, in order to fraudulently obtain digital advertising revenue.

4.
In one iteration—a datacenter-based scheme referred to in the ad industry as "Methbot"—the defendants used computers they controlled that they had rented from commercial datacenters in Dallas, Texas, and elsewhere.

5.
In another iteration—a botnet-based scheme referred to in the ad industry as "3ve.2 Template A"—the defendants used computers to which they had gained unauthorized access (i.e. that had been "hacked"), including computers belonging to ...

Case 1:18-cr-00633-ERK Document 8 Filed 11/27/18 Page 2 of 34 PageID #: 49

 

[PurePay]

Hell yeah! Finally someone gets taken down.

 

[Graybeard]

Read through the indictment -- there are many insights as to how they did this ...

 

[Katya]

It's definitely a clever and sophisticated scheme, cannot deny that, but "these massive fraud operations hurt advertisers and undermine the digital advertising ecosystem as a whole." which is not ok on so many levels. I guess we can congratulate those WhiteOps folks who initiated the investigation - apparently they were the first to realized that something is wrong.

“These individuals built complex, fraudulent digital advertising infrastructure for the express purpose of misleading and defrauding companies who believed they were acting in good faith, costing them millions of dollars. This kind of exploitation undermines confidence in the system, on the part of both companies and their customers.” (from the second source)

I have dealt with fake traffic - some people decide that its very smart and don't think at all that networks and advertisers have lots of tools and ways to find out which traffic is fake and which isn't. I haven't dealt with this kind of very well-thought fraudulent activity, of this magnitude.
I never sent fake traffic myself and was never accused of doing so.
I think I do and give a shit - these kinds of things are burning the trust in everyone - in publishers, advertiser, netwokrs. Not to mention the damage they've cost and probably the business they destroyed.

 

[PurePay]

Read through the indictment -- there are many insights as to how they did this ...

They went all out on this to make sure they seemed as professional and 'real' as possible in order to scam.

Sad mentality to scam other people who have worked hard for theirs, when these guys could have done something on a legit way to make money. They don't seem like idiots, just without a moral compass...

 

[Graybeard]

What I found interesting is that they were able to buy IPs and then configure them to data-center servers.
Your server is in a USA server farm and your IP is located in France or Germany and not an IP belonging to an AS block assigned to a datacenter <<< this will evade most blocking and security.

You can bind any ip that is assigned to you to your server with IPv6 there will be exponentially multitudes of IP possibilities

340,282,366,920,938,463,463,374,607,431,284,117,772

To be *exact*
chasing needles in the Haystack Mountains !

 

[webDOMinator]

I have a method for knowing if a visit is a bot or not with 99% accuracy.

 

[Axel_inferno09]

I have a method for knowing if a visit is a bot or not with 99% accuracy.

Can you please share? You can even share it via PM

 

[webDOMinator]

Can you please share? You can even share it via PM

I'm writing an article on it now... should be up shortly

 

[webDOMinator]

Okay, article is finished. It also provides links to the different pieces it explains.

CSP Causes Slow Death for Embedded Browser Bots

 

[Dave Styles]

Why doesn't the Google founders go to prison? They have easily stolen billions from advertisers. They knowingly serve fake traffic on there display network. Theirs 3rd party companies that are in business to help you weed out Googles fake traffic. If Google removed all the fake traffic sites in there display network they wouldn't have a display network. When you find fake traffic and bring it to there attention they usually never refund the fraud traffic

 

[Graybeard]

Why don't we send all the policemen to prison -- we still have crime?

How come there are always crimes? Same with fraud -- easy money.

Hooked up to proxy IPs

Android is LINUX and can be rooted and scripted

 

[kata]

Are they all Russians? If hackers are supported by a country's intelligence agency, how can they be arrested and punished?

 

[Graybeard]

I have no reason to believe they are *state supported*
They are just charged in a criminal indictment.
I have no idea if they will ever be extradited from the Russian Federation.
The indictment will "toll the statute of limitations" --they could be arrested in a third country that will extradite if they leave Russia.