Ad fraud is cash out for hacking

February 2020 / Page 0marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Ad Fraud is “Cash Out”
for Malware/Hacking
February 2020
Augustine Fou, PhD.
acfou [at] mktsci.com

Why do hackers hack?

To make enormous profits
Stealing from digital ad budgets – like an open vault of gold
Advertisers Publishers
Bad Guys
1/3
2/3
Ads are not shown
to humans, wasted
ad dollars
Ad revenue declines
because dollars are
stolen by bad guys.
Steal money using fake ads;
siphon dollars out of ecosystem.

How big? $330B every year
Worldwide digital ad spending to exceed $330 billion by 2020

How do hackers make
money?

Counterfeit goods bits/bytes
Fakes or unauthorized replicas of real ad impressions
ad impressions shown to
bots/software not to humans
ad fraud

Simple three step process
1. set up
FAKE SITES
2. buy
FAKE TRAFFIC
3. sell
FAKE ADS

More profitable use of DDoSNow use enormous DDoS traffic to generate enormous ad revenues
Google Digital Attack Map

New “largest ever” botnet every year
Vast botnets targeting high-value video ads, disguising/hiding

Fake Sites, Fake News Thrive
November 2019
https://www.buzzfeednews.com/
article/craigsilverman/fake-local-
news-sites-albany-edmonton
February 2020
https://www.buzzfeednews.com/article/
craigsilverman/these-fake-local-news-
sites-have-confused-people-for-years
Fake sites are
spreading
disinformation,
hate, fake news,
and other
content; they
are able to
thrive and grow
because they
make money
using adtech.

What about mobile?

Millions of apps on millions of phones
Apps loading ads in background, continuously; stealing data
September 2019
article/craigsilverman/sweet-
camera-play-store-removed-
ihandy
May 2019
article/craigsilverman/vidmate-
app-download
April 2019
article/craigsilverman/google-
play-store-ad-fraud-du-group-
baidu

Millions of apps on millions of phones
Stealing data, abusing permissions, attribution fraud
October 2018
article/craigsilverman/how-a-
massive-ad-fraud-scheme-
exploited-android-phones-to
November 2018
article/craigsilverman/android-
apps-cheetah-mobile-kika-
kochava-ad-fraud
March 2019
article/craigsilverman/in-banner-
video-ad-fraud

Uber sues 100 mobile exchanges
https://www.linkedin.com/pulse/stone-meet-glass-
house-significance-ubers-second-ad/
Mobile exchanges
were falsifying
placement reports to
make it appear the ads
ran on legitimate sites
and apps; some
exchanges were
fabricating the reports
entirely, when no ads
were even shown

(2017) Been going on for a while…
May 26 Forbes “Judy Malware”
• 40 bad apps to load ads
• 36 million fake devices to load
bad apps
• e.g. 30 ads per device /minute
• 30 ads per minute = 1 billion
fraud impressions per minute
June 1 Checkpoint “Fireball”
• 250 million infected computers
• primary use = traffic for ad
fraud
• 4 ads /pageview (2s load time)
• fraudulent impressions at the
rate of 30 billion per minute

What about CTV/OTT?

Mobile Apps Fake Video Streams
January 2020
article/craigsilverman/grindr-
roku-apps-ad-fraud-scheme
Source: http://blog.pixalate.com/invalid-ssai-measure-ott-ctv-ad-fraud
Fraudsters use the same bots to
simulate more video streams to
cause more video ads.

What else?

Browser extensions, js code
Extensions can load ads, fake clicks, record clicks, exfiltrate data
https://gadgets.ndtv.com/internet/news/google-chrome-web-store-
extensions-500-removed-ad-fraud-2180242
Source: Freedom to Tinker, Nov 2017

Malvertising
Malware in ads used to compromise fresh devices, for ad fraud
https://twitter.com/j_rom_/status/1221715676907393024
https://medium.com/@clean.io/summary-of-
malicious-ads-and-reputation-threats-q3-2019-
2dd285e1c65a

Online child abuse images
“Using a variety of sophisticated techniques to avoid detection,
offenders are exploiting online advertising networks to
monetise their distribution of child sexual abuse material.”
Source: The Drum Nov 6, 2018 Source: CNN, Feb 2019 Source: NYT, Sep 2019

Alter measurement; click fraud
Make the ads appear viewable; affiliate fraud (click flooding)
Buzzfeed, March 2018
Source:
http://articles.latimes.com/2013/apr/19/business/la-
fi-mo-cookie-stuffing-ebay-20130419
“Laguna Niguel man pleads
guilty in 'cookie stuffing' scam
against Ebay. The online
auctioneer paid Dunning’s
company about $5.2 million in
2006 and 2007, the U.S. Attorney
said.”

Stolen identities; fake accounts
Unverifiable lookalike audiences contain fake profiles/preferences
Bots pretend to be
oncologists by visiting
oncology related sites.
“[LOTAME] purged 400 million
of its over 4 billion profiles after
identifying them as bots.”
Adweek, Feb 2018

Money laundering
Dollars are laundered as digital media ad spend on “cash out” sites
1. Buy and place digital ads on sites and apps
controlled by the same entity
2. Collect dollars from “cash out” sites, fully
laundered

Financial crimes - laundering
Dollars are laundered and moved via digital games, virtual goods
Valve suspended the trading between
players of “container keys”—an in-
game gambling device that players can
buy (with real money) to try to win
(virtual) rewards such as special
weapons or clothing. The firm says
“nearly all” of the trades of such
keys were “believed to be fraud-
sourced”. It is a rare admission of the
growing problem of using video games
to facilitate financial crime.
https://www.economist.com/finance-and-
economics/2019/11/07/financial-crime-through-video-
games-is-on-the-rise

About the Author
Augustine Fou, PhD.
acfou [@] mktsci.com

Dr. Augustine Fou – Researcher
2013
2014
Published slide decks and posts:
http://www.slideshare.net/augustinefou/presentations
https://www.linkedin.com/today/author/augustinefou
2016
2015
2017
20192018

Ad fraud is cash out for hacking

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Ad fraud is cash out for hacking

Similar to Ad fraud is cash out for hacking (20)

More from Dr. Augustine Fou - Independent Ad Fraud Researcher

More from Dr. Augustine Fou - Independent Ad Fraud Researcher (12)

Recently uploaded

Recently uploaded (20)

Ad fraud is cash out for hacking