The US Department of Justice has dismantled botnets used for fraud via ad networks. Among other things, the criminals used an infrastructure to place advertisements on self-made websites, which were then clicked on by virtual users.
The action focused on two international gangs of cybercriminals. Eight suspects have been charged, and individuals have been arrested in Malaysia, Bulgaria and Estonia. The US has requested their extradition. They are suspected of fraud, computer intrusion, identity theft and money laundering. According to the US, their activities defrauded the ad industry of more than $36 million.
The criminals posed as a legitimate internet advertising company, but in fact they placed ads on large numbers of fake sites, which were clicked by fake users. The Department of Justice distinguishes two methods that they used: one based on data centers and one based on botnets.
The data-center-based method, referred to as "Methbot", ran from 2014 to the end of 2016. The gang rented more than nineteen hundred servers to host self-made sites, in which more than five thousand domains were spotted. The servers were also used to simulate internet activity, including mouse movements. To pass as real users, the criminals obtained 650,000 IP addresses. Advertisers paid more than 7 million dollars for the ads, which were never shown to real users.
The second method relied on botnets. More than 1.7 million computers infected with Kovter malware ran browsers in the background that opened websites made by the criminals, which in turn loaded advertisements. This form of fraud cost the advertising industry more than $29 million. The FBI has seized domain names, searched servers and analyzed bank accounts.