Home / malware Methbot
First posted on 02 March 2017.
Source: SecurityHomeAliases :
There are no other names known for Methbot.
Explanation :
Russian criminals are using a system dubbed Methbot to steal up to $5 million from media companies and marketers each day. White Ops, the digital security company that discovered the scheme, described it as "the largest and most profitable ad fraud operation to strike digital advertising to date."
Methbot works by using "an army of automated web browsers run from fraudulently acquired IP addresses" to watch up to 300 million video ads each day. You might say that Methbot is the one who watches, if only because every mention of methamphetamine is legally required to be followed by a Breaking Bad reference, and in watching all these videos it tricks advertising companies into shelling out millions of dollars to the bot's operators.
The scheme is said to be powered by 800 to 1,200 servers in the United States and the Netherlands using 571,904 dedicated IP addresses. Methbot uses all these resources to masquerade as premium websites--of which Methbot targeted and spoofed more than 6,000--to fool advertisers into thinking expensive ads were being viewed hundreds of millions of times. The end result: a transfer of funds between US companies and Russian criminals.
Many advertising platforms take steps to defend themselves from these schemes. Methbot differs from previous efforts in that it uses sophisticated techniques, from masking an IP's location and using social networking accounts to faking mouse clicks and using countermeasures for many popular ad systems, to evade detection so it can rake in the fraudulently earned money without having to worry about marketers catching on to its scheme.
But perhaps Methbot's best defense is the convoluted systems on which advertising platforms rely.Last update 02 March 2017
