When is a banner ad not a banner ad? When it's a hidden video ad generating fraudulent advertising revenue while draining your phone battery and using your valuable data allowance. As BuzzFeed reports, it's been discovered that in-app banner ads have been hijacked on a massive scale to generate revenue for fraudsters working within the digital advertising industry. The people who suffer are consumers and their devices, but also the app developers who receive complaints regarding how quickly their apps are draining phone and tablet batteries. The fraud was discovered by two ad fraud labs, Protected Media and DoubleVerify.
BuzzFeed News has confirmed a massive ad fraud scheme, which was originally uncovered by at least two fraud detection firms, that drained users' batteries and data. The scheme begins by hijacking the in-app advertisements of developers using Twitter's MoPub ad platform. It then silently runs autoplaying video ads behind legit banner advertisements, with the users being none the wiser. And since the video ads are still marked as completed even though none of the viewers got to see them, the scheme also rips off hapless advertisers. Protected Media, one of the anti-fraud firms that discovered the scheme, absolved Twitter of any wrongdoing -- the social network itself was merely exploited by the fraud's masterminds.
Google and the FBI have busted a major ad-fraud operation that hijacked almost two million devices. A 13-count indictment unsealed on Tuesday brings charges against eight people surrounding their involvement in a digital advertising fraud scheme referred to as '3ve' and Methbot. Not only did the scammers siphon off millions of dollars from the advertising industry, but at the height of its operation, 3ve infected about 1.7 million computers, 5,000 counterfeit websites and about 60,000 accounts with ad companies. A 13-count indictment unsealed on Tuesday brings charges against eight people surrounding their involvement in digital advertising fraud schemes referred to as '3ve' and'Methbot' Methbot was a sprawling advertising fraud scheme. It involved scammers collecting false clicks on ad campaigns by linking them to false IP addresses.
Late last year, DoubleVerify Inc., a company that offers software for advertisers and ad vendors to authenticate ad inventory, identified a scheme it says was designed to take advantage of the growing adoption of Ads.txt. DoubleVerify estimated the scam could have taken between $70 million and $80 million of advertisers' spending a year had it gone unchecked. First, the fraudsters scraped content from legitimate sites to create copies. Then they deployed "botnets" of consumer devices infected with malware to generate fake page views on the mock sites. Usually, this is where Ads.txt could go some way to preventing fraud: Buyers offered the resulting ad impressions could check the legitimate sites' Ads.txt files to see whether the impressions come from authorized vendors.
Google says it's removed the apps and blacklisted the websites employed in a massive ad scam that made millions for fraudsters who used bots trained to mimic human user behavior. The scheme, described in a Buzzfeed News report, centers on a company called We Purchase Apps that does exactly that, paying for apps generously in bitcoin and transferring ownership to various front and shell companies in Cyprus, Malta, British Virgin Islands, Croatia, and Bulgaria. The scheme reportedly involved 125 Android apps and websites. To create convincing bogus traffic to sell, the fraudsters buy legitimate Android apps with an established reputation and then study the behavior of their users. Using this information, they can create bots that act like human users to send real-looking traffic to the fraudster's app.