A large, lucrative botnet is targeting the online advertising industry, according to a report released March 19 by Spider.io, a London-based company that analyzes abnormal Internet traffic. Spider named the fraud ring, discovered on Feb. 28, the Chameleon Botnet.
More than 120,000 infected computers in America are defrauding online advertisers out of millions of dollars, according to the report. The 120,00 found so far are almost all home computers running Windows. The greatest concentrations of infected computers are in Texas, California, and Hawaii, but every state has at least some. The top three states have 10,000 or more infected computers.
The fraud works by tricking online advertisers into displaying ads to the bot, instead of to a real pair of human eyes. The advertisers pay either per display or per click and do not realize that the ads are not reaching an actual person.
According to Spider, Chameleon targets a cluster of at least 202 websites. Every month, 14 billion advertisement impressions are served on those sites, but at least 9 billion of those come from the botnet. The bots appear to be concurrent visitors to the sites, but in reality they are not.
The report described the attack as highly sophisticated because the bots mimic normal human users in some ways, even appearing to generate mouse clicks. However, the bots were oddly homogenous—more so than real Internet users. They visit the same few websites and claim to be using Internet Explorer 9.0 running on Windows 7.
The bots place a heavy load on the infected computers, causing them to crash and restart. At each crash, the infected computer requests a new set of cookies, which is one of the signature behaviors Spider used to identify Chameleon.
The company published a blacklist of 5,000 IP addresses, which are numbers for individual devices, that advertisers can use to protect themselves from the fraudulent network.
The Epoch Times publishes in 35 countries and in 21 languages. Subscribe to our e-newsletter.
Friends Read Free