Anyone who’s ever been involved with digital advertising
knows the perils of fraud. To some degree, it’s unavoidable. But a massive new
botnet called Chameleon has taken advertising fraud to a new level.
[Image: Chameleon bot distribution (courtesy of spider.io)]
A security researcher who goes by Spider.io announced
yesterday that he has discovered a botnet responsible for as many as 9 billion
fraudulent ad impressions. Chameleon targets 202 websites that, in total, receive
only 14 billion ad impressions. That means the botnet is responsible for about 64%
of the impressions on these sites.
Good news for the site owners, bad news for the advertisers
doling out 9 billion impressions worth of cash.
The botnet consists of more than 120,000 host machines
running Windows 7. According to Spider.io, 95% of the machines are based in the
United States.
You may be thinking this is no big deal; a few extra ad
clicks can’t be that bad, right? It turns out those fraudulent clicks add up to
about $6 million per month. Ouch.
Chameleon is unique, and earns its name, because it’s so
good at mimicking real visitors and fooling anti-bot measures.
Chameleon is a sophisticated botnet. Individual bots run
Flash and execute JavaScript. Bots generate click traces indicative of normal
users. Bots also generate client-side events indicative of normal user
engagement. They click on ad impressions with an average click-through rate of
0.02%; and they surprisingly generate mouse traces across 11% of ad
impressions. [spider.io]
But despite such sophistication, Spider.io revealed that, as
a group, the bots behaved quite homogeneously, which ultimately
allowed the researcher to isolate the botnet.