Home Tags Coca-Cola

Tag: Coca-Cola

Going down to the Silicon Bayou: Scenes from Collision 2017

Now annual gathering offers IT, security, startups, and more over three days in NOLA.

CEO of company that makes $400 juice appliance has a message...

CEO Jeff Dunn takes to Medium to post a defense of his business.

Fraudulent Video Ad Bot Rakes in Close to $5 Million Daily

Researchers say a cybercrime group has been earning as much as $3 million to $5 million daily by generating up to 300 million fraudulent video-ad impressions per day. The group behind the ad fraud has created a complex bot farm called Methbot using thousands of proxies and dedicated, deceptive IP addresses to con mainstream advertisers into thinking their ads are running on major media websites. According to researchers at White Ops who uncovered the ad fraud, those behind Methbot are using bare metal servers hosted at data centers in Dallas, Tx., and Amsterdam to power 600,000 bots with forged IP records that that make it appear online ads are being viewed by U.S.-based ISP customers of Verizon, Comcast, AT&T and others. Next, the fraud includes an automated software program that mimics a user watching video ads. Methbot operators abuse advertisers and publishers alike by spoofing the data collected by view-ability measurement providers, including video time watched and engagement actions like mouse movements, according to White Ops who published a technical analysis of its discovery Tuesday. Another chief component of Methbot is the exploitation of the complex online advertising arbitrage system of simultaneous buying and selling of online video-ads. “Let’s assume that (The New York Times) presells 90 percent of its ad impressions, but the remaining 10 percent remains unsold.

The inventory that isn’t presold is then sold on the ‘open market’ where re-sellers scoop up the 10 percent,” explains White Ops. Unsold video-ad inventory can be snatched up by Methbot and shown to its army of fake users. “It means that Coca-Cola could potentially — under certain scenarios that are well understood by criminals — hand over their cash to anyone for NYT ad placements and not think it was suspicious,” researchers said. Part of the elaborate scheme also includes creating fake sites with IP addresses forged to appear affiliated with major U.S. media companies.

That allows crooks to obtain video-ad inventory to display to its fake mainstream media websites for top dollar.

And, of course, those ads are viewed by Methbot’s fake viewers. Researchers say ad fraudsters are targeting video ads because they are the most lucrative, paying as much as 3 cents per view.

As of October, White Ops estimates that Methbot is generating upwards to $5 million daily based on the 3 cent increments. Methbot, researchers say, is unique in its ability to defraud advertisers compared to other ad fraud botnets.

According to researchers, competing ad-fraud bots have only raked in a fraction of Methbot’s earning ability.

Competing ad-bots such as ZeroAccess are thought to have collected as much as $900,000 per day, the Chameleon Botnet took up to $200,000 per day, and HummingBad took up to $10,000 per day, according to White Ops. “Primary difference (between earlier ad-bots) is that unlike primary bots that rely on residential IP space/home computers infected with malware, Methbot operates purely out of data centers and also does not rely on standard web browsers (Chrome, Internet Explorer).
It actually uses a custom web browser code created from scratch,” researchers told Threatpost.

The strength of the Methbot is that operators are in full control of their own servers and nodes and can count on both reliability and resiliency of the network. According to researchers, the operators of the Methbot network are based in Russia. Researchers said in 2015 they began tracking an early and benign incarnation of the Methbot signature it called C3. “We continued to track the evolution of C3 as it expanded and grew into ‘Methbot.’ On Oct. 5, Methbot began to scale aggressively reaching as many as 137 million ad impressions per day.” By the middle of October, said Methbot had dramatically scaled to three billion to five billion ad requests per day.

A rough estimate of revenue earned between the time Methbot reached scale and Dec. 1 would be between $171 million and $285 million. White Ops estimates the price of operations for Methbot to approximately $200,000 a month, based on dedicated server pricing. Researchers released details of the 500,000 faux IP addresses and 6,000 hijacked publisher domains to help with fraud prevention and remediation.

‘Hacker’ accused of idiotic plan to defraud bank out of $1.5...

Home IP, check. Own email, check. Arrest, certain A newly unsealed indictment has detailed accusations of what appears to be one of the most inept pieces of computer crime in recent history. Dwayne Cartouche Hans Jr, 27, from Richland, Washington, is charged with computer and wire fraud, as well as money laundering charges, and accused of stealing $134,000 from a bank and trying to get another $1.5m after working out how to game the bank's computer system and a government payment site. According to court documents [PDF], in March of 2015 Hans set up five accounts at an unnamed bank using his home internet account and giving his home address, date of birth, home phone number, and full name. He then illegally accessed two accounts at JP Morgan that were owned by the unnamed bank and transferred $134,000 into the account. The money was used over the following month to buy shares in blue-chip companies like IBM and Coca-Cola in Hans' name, to funnel $7,500 into a property investment in New York, and to pay the bill of someone Hans was friends with on Facebook, the indictment states. Some money was also used to pay Hans' ISP, according to an FBI investigator, and a link was set up between the JP Morgan accounts and Hans' personal PayPal account. The investigator said this was added as another way to funnel funds from the account. The FBI also claims that Hans went onto the website for the US General Service Administration System for Award Management (SAM), which is used to pay contractors of the American government. Once there, it is alleged that he tried to divert $1.52m from the Pension Benefit Guaranty Corporation – a pension-industry funded operation run by the government – into his own accounts. Again, this wasn't a subtle operation if the investigators are to be believed. The email address used to gain credentials to the SAM site was Dwayne.hansjr@outlook.com. Hans was arrested on Wednesday after a month of FBI surveillance and is being extradited to New York for trial. "Cybercriminals scour the internet for information they can use to steal with impunity," said US Attorney Robert Capers. "They threaten to undermine our confidence in the internet and in the cyber world, on which we rely each and every day. The arrest sends all would-be cyber criminals a message – we will find you, and we will bring you to justice." ®