White Ops today reported that a group of Russia-based cybercriminals is stealing $3 million to $5 million daily from premium-video-focused advertisers. The fraud-fighting player discovered an extensive network of automated web browsers called Methbot, which it says consists of custom software running on data servers in Amsterdam and Dallas.
According to White Ops, Methbot runs differently than common fraud bots, which usually infect computers with malicious software that serve ads seen by zero people. The ring of fraudsters created approximately 600,000 counterfeit IP addresses that appear to be legitimate, the researchers said, by hacking into a pair of the world's regional internet registries.
The nefarious operators then registered those IP addresses to actual online service providers such as Verizon, Comcast and Spectrum (formerly Time Warner). This tactic made their faux internet activity appear genuine before commanding their bot army to generate 200 million to 300 million impressions and charging brands for premium video ads.
White Ops said the scam affected some 6,000 top publishers including ESPN, Fox News, Fortune, The Huffington Post, The Economist, ESPN, Vogue and CBS Sports.
A White Ops spokesperson told Adweek that Methbot is still running, and it seems uncertain when the fraudulent operation began.
It's yet another black eye to an already battered digital advertising marketplace, which has been battling fraud in recent years. The news likely comes as a sordid reminder about the complexity of the battle ahead—a battle many in the industry have been fighting in earnest.