Thursday, April 15, 2021

Chameleon Botnet Stealing $6 Million Per Month

Web analytics firm spider.io says it has discovered a botnet it calls “Chameleon” that is stealing more than $6 million dollars per month from advertisers. The botnet pretends to click on Internet display ads, tricking advertisers into paying for more views than they actually receive.

Ars Technica’s Sean Gallagher reported, “Security researchers have discovered a botnet that is stealing millions of dollars per month from advertisers. The botnet does so by simulating click-throughs on display ads hosted on at least 202 websites. Revealed and dubbed ‘Chameleon’ by the Web analytics firm spider.io because of its ability to fool advertisers’ behavior-tracking algorithms, the botnet is the first found to use display advertisements to generate fraudulent income for its masters.”

CNET’s Don Reisinger added, “The botnet is made up of over 120,000 host machines running Windows, according to Spider.io. Those machines are connecting to the Web with a Flash-friendly Trident-based browser that executes JavaScript. The vast majority of the machines — 95 percent — have come from U.S.-based IP addresses.”

PCMag’s Stephanie Mlot noted, “Spider.io has been tracking the botnet since December, and with the help of display ad exchanges and demand-side platforms, identified ‘deviant consumption,’ which accounted for 9 billion fraudulent display ads served a month.”

The BBC quoted spider.io’s Douglas de Jager who said, “This particular botnet is being used to emulate human users surfing the web, mimicking normal browsing sessions and normal ad engagement. It is difficult to imagine why one would run this type of botnet across a cluster of 202 sites other than to commit display advertising fraud. Unfortunately, we can’t be sure precisely which of the financially motivated parties is behind this. It could perhaps even be a single person within one of the companies, unbeknownst to others at this company.”

Similar articles

Latest Articles

NVIDIA’s New Grace ARM/GPU...

This week is NVIDIA’s GTC, or GPU Technology Conference, and they likely should have changed the name to ATC because this year – it...

What is Data Segmentation?

Definition of Data Segmentation Data segmentation is the process of grouping your data into at least two subsets, although more separations may be necessary on...

The Conversational AI Revolution:...

One of the things I’m looking forward to seeing at next week’s NVIDIA GTC event is an update on their Conversational AI efforts. I’m fascinated...

Edge Computing

Edge computing is a broad term that refers to a highly distributed computing framework that moves compute and storage resources closer to the exact...