Brazilian Ad Fraud Network ‘Camu’ Hits 2B+ Daily Bid Requests

August 29, 2024 at 05:04PM A Brazilian piracy network, “Camu,” once processed over 2.5 billion ad bid requests daily across 132 domains, prompting HUMAN Security’s intervention. By using a simple cookie-based redirection method, the network directed users to “cashout sites” with ads, tricking investigators to decoy sites. This illustrates the challenges in the automated online … Read more

‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins

July 16, 2024 at 10:10AM A massive ad fraud operation named Konfety has been uncovered, using hundreds of Google Play Store apps to engage in malicious activities. The campaign exploits a mobile advertising SDK associated with a Russia-based ad network, deploying “evil twin” versions of legitimate apps to commit ad fraud, monitor web searches, and … Read more

Yahoo! Japan to waive $189 million ad revenue after detecting fraudulent clicks

June 26, 2024 at 01:19AM Yahoo! Japan’s parent company, LY Corporation, announced the decision to waive $189 million in advertiser charges due to fraudulent activity. Approximately 96 million unapproved advertising materials and 30.2 billion yen of invalid advertising costs were identified in fiscal 2023. This move will not burden advertisers, although it accounts for 1.6 … Read more

Shady ‘Merry-Go-Round’ Ad Fraud Network Leaves Orgs Hemorrhaging Cash

May 30, 2024 at 09:04AM Researchers discovered two ad fraud rings called “Merry-Go-Round,” which redirect millions of online ads daily to shady websites. At its peak, the operation fed 782 million ads per day, but currently serves 200 million. Using complex techniques to evade detection, the fraudsters exploit flaws in online ad placement, causing substantial … Read more

If Britain is so bothered by China, why do these .gov.uk sites use Chinese ad brokers?

April 24, 2024 at 03:41AM A security firm has found that at least 18 public-sector websites in the UK and US are sending visitor data to various advertising brokers, including a Chinese company with past privacy controversies. The report raises concerns about compliance with ad rules and online privacy, especially as .gov websites are not … Read more

Hijacked subdomains of major brands used in massive spam campaign

February 27, 2024 at 09:29AM The “SubdoMailing” ad fraud campaign utilizes over 8,000 legitimate domains and 13,000 subdomains to send up to five million fraudulent emails daily. Notable brands like MSN, VMware, and eBay have been unknowingly involved, aiding in bypassing spam filters. The threat actors profit from ad views and scams, with Guardio Labs … Read more

SubdoMailing campaign spams 5 million emails daily via 8k hijacked domains

February 26, 2024 at 11:01AM A massive ad fraud campaign, “SubdoMailing,” utilizes over 8,000 legitimate internet domains and 13,000 subdomains to send up to 5 million scam and malvertising emails daily, bypassing spam filters and leveraging trusted company domains. Notable companies affected include MSN, VMware, and eBay. The campaign generates revenue through fraudulent ad views … Read more

Cybercrooks Target Docker Containers With Novel Pageview Generator

January 18, 2024 at 03:26PM Cyberattackers are using a new gray-area tool called 9hits Traffic Exchange to generate artificial page views for websites. This tool allows users to buy credits and exchange them for traffic to a specific site, potentially inflating engagement numbers for advertisers. Attackers are targeting Docker services to deploy this tool along … Read more