In the US, the largest bot is not arrested: what does this mean for the digital community?

One of the leading Russian antibot-services tells about what really happened in New York.

On Tuesday, the Prosecutor of the Eastern District of New York filed criminal charges against eight people on 13 indictments related to a digital fraud scheme, dubbed “3VE” (in Russian, read as “Eva”, is a late modification of “Methbot”).

The FBI, in collaboration with Google and White Ops, blocked the two largest Russian-Ukrainian botnets that since 2015 have caused damage to advertisers around the world more than $ 35 million:

1. From 2014 to 2016, the botnet called “Methbot” imitated clicks from real people viewing ads on specially created pages (more than 250 thousand sites) - of these, more than 6 thousand sites were tampered with by well-known brands, on which fraudsters sold advertising at the price of original sites.

It is now established that during this period at least $ 7 million was stolen. However, in 2016, White Ops experts (who, strictly speaking, were the first to notice this botnet) noted that Methbot could earn from $ 3 million to $ 5 million per day, with total global damage in the industry from digital fraudsters - $ 7.2 billion per year.

By the way, in 2018 - the potential threat from digital fraud for advertisers is projected up to 19 billion dollars.

2. From the end of 2015 to October 2018, Methbot transformed into “3VE”
(while retaining some of the functions):
More than 1.7 million devices were infected with malware, which allowed 3VE to use real IP of real users in a fraudulent scheme.

Simply put, the bot wore a human mask in the form of a “residential” IP, and looked through ads, simultaneously performing other conversion actions on the site.

During this time, the estimated damage to advertisers was at least $ 29 million.

Thus, unreal people (bots) looked through advertisements on unreal web sites (bot nets), for which advertisers' intermediaries paid (partner services, advertising agencies, web-masters), whose services, in turn, paid for brands of various degrees magnitude.

3VE - the largest of the now known bot nets, and perhaps the most powerful in terms of the quality of organization.

But unfortunately, not the last: in fact, we are dealing with a historical precedent - for the first time in many years of “blindness,” US law and the world community openly admit that digital fraud exists.

In part, the 2016 US elections served as such a powerful incentive for a full-scale investigation of bot technologies - the US media still supports the trend that “Russian hackers” interfered in social media campaigning using imitator bots (which formed public opinion in favor of certain electorate). However, it can be assumed that 3VE has nothing to do with it, since bot simulators, this is a similar, but fundamentally different technology.

The entire global digital community should say “Thank you” to the Americans - now the industry of digital fraud is officially marked on the “map”, and there is hope that the main market players will also intensify the fight against fake bot traffic.

This operation was the first in history when private companies of large caliber (Google) joined the FBI.
31 primary domains, 89 servers were taken under control, over 1 million IP addresses were secure.

Experts are waiting for Russia to join the fight against digital fraud:
“Every day thousands of bots are blocked on the Internet, fraudulent IPs from all over the world are calculated, and their own investigations are conducted. Now, our development is supposedly also Russian-Ukrainian bot-no, with which the most top advertising networks of the Russian Federation and, accordingly, the largest domestic and international brands unknowingly cooperate. The circuit is similar to 3VE. The nagging is that we know - on such and such sites a large number of bots, they go through the affiliate program to the sites of brands. Brands lose money. But to prove that these are bots, in a legal order - it does not work out yet, because top ad networks do not willingly cooperate, and do not give out their traffic source data. ”

Google Report on “3VE”

US Department of Justice Release (New York Office)

Also popular now: