How White Ops Foiled Russian Hackers Stealing $5M In Ad Revenue Daily

Remember the Russian group running U.S. and Netherlands data centers that generated between $3 million to $5 million per day? Advertisers need to become more in tune with this type of cybercrime to prevent it from happening again.

Advertising fraud is the biggest money maker and the fastest way to earn a profit, according to White Ops CEO and co-founder Michael Tiffany. "It has the best risk and reward," he said.

Tiffany said taking down the Russian hackers meant finding a way to shrink their profits. "We have the engine to stop a fraud operation in its tracks, so let's give it a whirl," he said, referring to the Trustworthy Accountability Group (TAG).

Indeed, he points to two unique features of Methbot and a sequence of events that brought down the Russian hackers. Timing proved crucial to keep the bot from turning into a billion-dollar problem and keep financial loses small.

Data collection and shutting down the IP addresses were critical in stopping the fraud operation. The team at TAG also brought together industry insiders to make sure companies knew how to take action.



The hackers behind Methbot were intelligent, Tiffany said. They created more than 250,000 fake Web pages with counterfeit inventory from more than 6,000 publishers. The sites had browser addresses rigged so anyone looking at them couldn't tell the URL wasn't legitimate.  

Tiffany also said White Ops created a list of IP addresses, so any exchange, DSP and network could take the list and look in their transaction logs to verify sellers and payment accounts and invalidate fraud transactions before the money got paid out.  

He called Methbot a "remarkably sophisticated operations, but certainly not the only one" affecting the advertising industry. He said since the money to be made is so large, this kind of operation attracts some of the best cyber criminals.

Hewlett-Packard Enterprise also released a white paper titled "The Business of Hacking." The paper walks through ways people make money hacking from IP theft and ad fraud, to cyber warfare and payment system fraud.

1 comment about "How White Ops Foiled Russian Hackers Stealing $5M In Ad Revenue Daily".
Check to receive email when comments are posted.
  1. Craig Mcdaniel from Sweepstakes Today LLC, January 13, 2017 at 3:14 p.m.

    Laurie, great story.  The one question I have is - How did the bad guys contract or just connect their fake website to the advertisers through DSP's or programmatic vendors?  I found the process to get a publisher's contract a long one with security checks by ad distributors. So how did the hackers get the ads directly? 

Next story loading loading..