With an ever-expanding digital space, we find ourselves in a world where businesses are constantly striving to reach a bigger audience. This has led to several companies paying billions to advertising sites and applications for space to showcase their products and services. Many different companies, from retail businesses to online gaming platforms like https://vulkanvegas.com/ca, spend a ton of money on online advertising to boost their market share.
With more money going around, it’s not surprising that fraudsters would want to tap in on all that revenue. For years, groups of malicious hackers have been joining forces to create what we call ‘ad fraud rings’ in an effort to siphon some of the income designated for legitimate advertising networks. Unfortunately, the amount lost to ad fraud rings has been going up annually and is now in the range of billions of dollars.
Back in 2016, the World Federation of Advertisers (WFA) predicted that by 2025, ad fraud would cost advertisers over $50 billion, closely rivalling the illegal drug trade in size. So far, several ad fraud rings have been discovered. Some have been shut down, while others continue to fraudulently benefit from infected devices while remaining undetected. Here’s a highlight of the most notorious ad fraud rings according to how much the swindlers benefited from their respective activities.
1. Methbot
- Daily Earnings – $3,000,000
- Compromised Devices -0
- Status – Active
This is by far the biggest fraud ring in history and one that clearly demonstrates how quickly hackers have been evolving over the years. For one, the fact that it does not operate by infecting user devices with malware makes it all the more dangerous and harder to shut down. However, its scope continues to get smaller by the day.
Instead of individual devices from legit users, the masterminds behind the ring use sets of existing IP addresses used by proxy servers to view video ads that generate millions per day as per the CPM. It has been reported that the ring has managed to gather up to 852,992 unique IP addresses. These IP addresses have been used to swindle genuine advertisers with the promise that their content will be put in front of a real audience.
2. SilentFade
- Daily Earnings – Unknown (over $4,000,000 paid out by users)
- Compromised Devices/ Users – 10,000 Facebook accounts
- Status – Shut down in 2020
This is another unique fraud ring that managed to hack into over 10,000 Facebook accounts and took a good four years before being discovered. SilentFade (silently running Facebook Ads with exploits), which reportedly originated from China, had initially targeted Chinese users. By the time of its discovery in 2020, SilentFade had managed to infiltrate the accounts of users in about 10 countries worldwide.
The group’s operations came to light after users reported suspicious activity, including some unauthorized transactions on their linked cards. The affected accounts were used to create fake ads, which generated income for the fraudsters.
3. Chameleon
- Daily Earnings – $200,000
- Compromised Devices – 120,000
- Status – Active
The Chameleon ad fraud ring is one of the most elusive to authorities and still remains active despite having been in operation for just under a decade. The crew uses a botnet installed on multiple user devices to fraudulently visit targeted sites for a profit estimated to be about $6 million a month. Currently, it remains a mystery as to how many devices are still infected, but there is no doubt that the people behind it are still benefiting from the fraudulent earnings.
4. ZeroAccess
- Daily Earnings – $100,000
- Compromised Devices – 2,000,000
- Status – Shut down in 2012
The attack was launched in the form of a Trojan horse which managed to get installed on over 2 million computers in 2011 and 2012. The botnet on the affected computers was used to mine crypto and illegally click on ads. There is speculation that the network of infected machines could be as high as 9 million, making the scale of the operation one of the biggest according to ad fraud statistics. The good news is that most antivirus software today can detect and remove Trojan horse malware from user systems.
5. Hummingbad
- Daily Earnings – $10,000
- Compromised Devices – 10,000,000 Android phones
- Status – Active
Although the earnings are smaller than the above-mentioned ad fraud rings, this is one of the most successful in terms of the number of affected devices. In fact, it was so effective that it’s still active to date, using Android phones to view mobile ads and download apps without users’ knowledge.
In 2006, Clickbot.A, was the first-ever ad fraud ring that infected over 100,000 machines and earned about $10,000 per day before being shut down. Since then, it was only a matter of time before attacks would get more sophisticated and illegally earn more money without having to necessarily infect too many devices. As fraudsters continue to get bolder and devise more elaborate means to defraud advertisers, the challenge lies with advertisers to look for ways to get their products seen by real people. Security firms play a significant role in exposing such rings and stopping or minimizing their effect on ad revenue.
