The FBI and tech giants including Google have collaborated to dismantle an elaborate long-running fraud operation that may have cost online ad networks over $1 billion. Online ad fraud is alluring for hackers because it's a relatively low risk endeavor with the potential for huge upside returns. Named 3ve (Eve), this four-year operation was perpetrated on a massive scale.
Google released a white paper today detailing that at its peak, 3ve controlled over one million IPs from both residential botnet infections and corporate IP spaces, primarily in North America and Europe (for comparison, this is more than the number of broadband subscriptions in Ireland).
According to the 13-count indictment, the eight defendants (all citizens or residents of the Russian Federation, the Ukraine and the Republic of Kazakhstan) used sophisticated computer programming and infrastructure spread around the world to exploit the digital advertising industry through fraud. They represented to others that they ran legitimate ad networks that delivered advertisements to real human internet users accessing real internet webpages. In fact, the defendants faked both the users and the webpages: in each of the charged schemes, they programmed computers they controlled to load advertisements on fabricated webpages, via an automated program, in order to fraudulently obtain digital advertising revenue.
The final takedown was combined with prosecution to more fully disrupt the criminal organization and serve as a deterrent to similar activity by other actors.