Russian Hackers Stole $5 Million Per Day From Advertisers With Bots and Fake Websites (cnn.com) 93
Russian hackers have used fake websites and bots to steal millions of dollars from advertisers. According to researchers, the fraud has siphoned more than $180 million from the online ad industry. CNNMoney reports: Dubbed "Methbot," it is a new twist in an increasingly complex world of online crime, according to White Ops, the cybersecurity firm that discovered the operation. Methbot, so nicknamed because the fake browser refers to itself as the "methbrowser," operates as a sham intermediary advertising ring: Companies would pay millions to run expensive video ads. Then they would deliver those ads to what appeared to be major websites. In reality, criminals had created more than 250,000 counterfeit web pages no real person was visiting. White Ops first spotted the criminal operation in October, and it is making up to $5 million per day -- by generating up to 300 million fake "video impressions" daily. According to White Ops, criminals acquired massive blocks of IP addresses -- 500,000 of them -- from two of the world's five major internet registries. Then they configured them so that they appeared to be located all over the United States. They built custom software so that computers (at those legitimate data centers) acted like real people viewing those ads. These "people" even appeared to have Facebook accounts (they didn't), so that premium ads were served. Hackers fooled ad fraud blockers because they figured out how to build software that mimicked a real person who only surfed during the daytime -- using the Google Chrome web browser on a Macbook laptop.
A single tear runs down my cheek. (Score:5, Insightful)
Turn off your ad blocker and reload this page.
Now, look at the shit down there.
Wait, now click on some of them - go ahead. Try the one with the really hot chick or movie star - there's always one of those.
You'll be stuck in horseshit hell. Some have mousetraps and other sleazy techniques to generate more page hits than you intended.
Fuck'em.
I mean really. It's one assholes "stealing" from another.
Re: (Score:3, Insightful)
Re: A single tear runs down my cheek. (Score:5, Funny)
Re: (Score:2)
I am okay with this (Score:5, Insightful)
Every PC I service gets adblocking with customer permission and education on it. It is in my opinion unethical not to. There are so many fraudulent (even browser hijacking and malware delivering ads), that there is no other choice.
Not to mention that it often speeds up browsing by a third or more, pertinent info is easier to find, etc.
Fix the industry or get thee gone.
Re: (Score:3, Funny)
Sounds like an Alien vs Predator deal. So which side should we support here? The bot owners or the evil Russians that pulled off a Russian revolution in America and gave us President Donald Fredovich Trumpov?
Re: (Score:2)
Re: I am okay with this (Score:1)
CNN, NBC, CBS spend so much time on russians and on Putin next time around I will definitely be voting for Comarade Trumpov.
Make russia great again.
Re: (Score:2)
Re: (Score:2)
Re: RUSSIAN HACKERS (Score:3, Insightful)
I can probably find Russia on a map. You going to be down on me for that? Personally I think Trump is an idiot but let him, you know, actually be Prez before you cry about how bad a Prez he is. Otherwise you just sound like crybaby Hollywood celeb.
Re: (Score:2, Informative)
You also leave out that in addition to the State Department there were eight other agencies involved with the deal [businessinsider.com], including the Director of National Intelligence.
But I guess in your fantasy world Hillary was able to cajole all these people, including a foreign government, to make the deal because in a roun
Re: (Score:1)
Because their main competition, the Nigerian Prince, has already been caught. [theguardian.com]
Sounds like a public service to me... (Score:5, Interesting)
If they are identified, I think they should be fined $1 and then be given a medal.
Re: (Score:1)
The Russian way is to hand out a medal and then shoot them.
Re: (Score:2)
Sometimes the only thing more dangerous than the answer is the question. Be careful, comrade!
Re: (Score:1)
nah, these ones have ethics
Re: (Score:1)
The Hillshill tears are delicious. So delicious...
Hacker seems to get thrown around a lot (Score:2)
Re: (Score:2)
bottom feeders (Score:2)
If your stealing from the worst kind of bottom feeders, is it really stealing?
Fake FB accounts (Score:5, Interesting)
I run a couple FB community groups that are quite specific. They aren't of interest to anyone outside the community. Fairly regularly I will get requests to join the group from obviously fake accounts. Many have the wrong gender for their name or profile picture. They will have a small random assortment of friends from vastly different nationalities. They will belong to multiple groups in multiple languages. Most of them I report to FB are immediately classified by them as fake accounts and are deleted.
Anyway, I wondered what the point was of these fake accounts. I thought maybe they harvested information (by joining groups they could see who is in the groups and thus attempt to build a graph connecting users). However, now I believe these accounts are created to consume advertising in scams such as this one, and at least some attempt is made to make the accounts appear genuine by having an array of friends and belonging to groups, etc.
Ah, the Russian hackers (Score:1)
the most talented in the world, but clumsy to the likening of bumbling clowns who drop Russian flags, business cards, e-mail addresses, and personal details, everywhere in their path. The picture of the smart-but-dumb Russian hacker doesn't quite add up.
Re: (Score:3)
If you're asking about the file domains.txt [amazonaws.com], that's not the "bad" domains, that's the "legitimate" advertisers who were victimized by the scheme. The whitepaper doesn't have full technical detail, but it sounds like the bot-farms used hosts files or private DNS to serve pages that seemed to be within those domains, without ever hitting the origin servers or even a public CDN. The list of "bad" actors, by IP address range, is the file IPs-CIDR.txt [amazonaws.com].
Re: (Score:1, Interesting)
The advertisers aren't the ones paying for this service that the "Russian hackers" are providing. The site owners who host the ad campaigns are paying the hackers to inflate their traffic stats in order to defraud the advertising networks.
Granted, I have trouble feeling sorry for the advertisers here too, but these figures are also being used for public traffic stats, which then in turn drives investment and stock prices of internet startup businesses, eventually leading to massive derailment of one of the
Facebook could have caught this (Score:3)
nice. (Score:1)
Hackers fooled ad fraud blockers because they figured out how to build software that mimicked a real person who only surfed during the daytime -- using the Google Chrome web browser on a Macbook laptop.
Ugh. Who the hell would want to advertise to those assholes? I mean, Mac users are bad enough, but Mac users running Chrome... *shudder*
... who only surfed during the daytime...
Let me guess: IPs spoofed to look like they came from a Panera?
Re: (Score:2)
well yeah.
mind you that when google does it, then it's not fraud. only when some "crooks" do it.
also they were creating fake accounts, which counts as fraud of some kind depending on where the "crime" of creating them took place.
World's smallest violin (Score:1)
I am playing one right now.
Is there a newsletter? (Score:5, Insightful)
...because I'd rather get the DNC/Obama Admin "message of the day" directly first thing in the morning, instead of having to wait for it to filter through their shills and then social media.
Thanks!
Re: (Score:2)
They probably have plenty of tips: these sticks are good for kindling, those sticks can fend off dogs, these over here make good imaginary swords to scare the passers-by.