Chameleon Botnet Cheats Online Advertisers $6.2 Million Monthly

By Tara MacIsaac, Epoch Times
March 20, 2013 7:56 am Last Updated: April 3, 2013 9:27 am, a company that tracks online advertisement views, announced Tuesday that it has uncovered a massive network of bots that generate fake clicks on ads and websites. Under the pay-per-click model used for online advertising, advertisers paid $0.69 on average for every thousand clicks made by the botnet.

The total cost to advertisers has been a combined $6.2 million per month.

Spider, working with digital marketing companies Data Xu and Media 6 Degrees, traced the network to 120,000 infected host machines in the United States.

Bots part of what has dubbed the Chameleon botnet cause systems to crash and restart frequently—their most distinctive feature. The bots strain the host machines with a heavy load as they masquerade as several users at once, visiting multiple websites. Upon restarting, the bots request a new set of cookies.

California and Texas are the states with the largest number of infected machines, but computers from every state have been infected. began tracking Chameleon Botnet in December 2012. It found other distinguishing characteristics besides the crash-and-restart signature.

Chameleon bots limit their activity to 202 websites. The bots click on the same place within the ads, and their mouse traces also give them away. All bots also appear as users on Internet Explorer 9.0 running on Windows 7. All infected machines have the Windows operating system.

Microsoft and Symantec uncovered a botnet in February called Bamital that also impacted hundreds of thousands of computers and cost advertisers about $1 million per year, according to Reuters.

Chameleon “is at least 70 times more costly than the Bamital botnet,” states’s report.

Chameleon is also the first botnet to trick display advertisers instead of just text-link advertisers. Algorithms used by display advertisers are more complex, and more likely to detect fake clicks.

“For the Chameleon botnet to evade detection and to impact display advertisers to the extent that it has requires a surprising level sophistication,” states