Botnet fraud dupes advertisers out of £4 million a month

A powerful botnet sending swathes of fake traffic to different websites has been discovered, in a fraud campaign thought to have conned advertising companies out of nearly £4 million per month.

Discovered by an analytics firm and dubbed Chameleon, the botnet delivers huge amounts of traffic to over 200 sites owned by a small group of publishers. 14 billion ad impressions are served across these websites, of which Chameleon accounts for at least 9 billion, and advertisers currently pay an average of $0.69 (46p) CPM to serve display ads to the botnet, costing them around $6.2 million every month.

Security researchers at the firm have been tracking the activity since December 2012, with the scale of the web-browsing fraud becoming apparent in February. Chameleon appears to run on 120,000 host machines using Windows, of which 95 per cent accessed the web via US IP addresses.

According to the analysts, “For the Chameleon botnet to evade detection and to impact display advertisers to the extent that it has requires a surprising level of sophistication.”

This involves the bots opening up a large number of web pages within the browser until it crashes and is forced to restart, at which time it acquires a new set of cookies.

Each bot presents itself as several web visitors visiting the site concurrently, before all of the sessions end at the same time. This repeated pattern helped expose the fraudulent traffic to researchers.
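The pattern described above can be turned into a simple traffic check. The following is an added example, not code from the researchers or the original article: it flags client IPs that repeatedly show several concurrent sessions ending together, each time with a fresh set of cookies. The session records, field layout, function names and thresholds are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample data: (client_ip, cookie_id, session_start, session_end), seconds.
SESSIONS = [
    # Two cycles of concurrent sessions ending together, fresh cookies each cycle
    ("198.51.100.7", "c1", 0, 300), ("198.51.100.7", "c2", 5, 300),
    ("198.51.100.7", "c3", 9, 301), ("198.51.100.7", "c4", 400, 700),
    ("198.51.100.7", "c5", 404, 700), ("198.51.100.7", "c6", 410, 701),
    # Shared office NAT: concurrent visitors who leave at unrelated times
    ("203.0.113.20", "d1", 0, 120), ("203.0.113.20", "d2", 30, 400),
    ("203.0.113.20", "d3", 60, 950), ("203.0.113.20", "d4", 500, 640),
    # One returning visitor reusing a single cookie
    ("192.0.2.44", "e1", 0, 200), ("192.0.2.44", "e1", 900, 1000),
]

def synchronized_bursts(sessions, min_sessions=3, end_tolerance=2):
    """Per IP, find groups of concurrent distinct-cookie sessions that end together."""
    by_ip = defaultdict(list)
    for ip, cookie, start, end in sessions:
        by_ip[ip].append((end, start, cookie))
    bursts = defaultdict(list)
    for ip, rows in by_ip.items():
        rows.sort()                         # order by end time
        group = []
        for row in rows + [None]:           # None flushes the last group
            if row is not None and group and row[0] - group[0][0] <= end_tolerance:
                group.append(row)
                continue
            cookies = {c for _, _, c in group}
            # Concurrent: every session began before the earliest one ended.
            if len(cookies) >= min_sessions and max(s for _, s, _ in group) < group[0][0]:
                bursts[ip].append(cookies)
            group = [row] if row is not None else []
    return bursts

def flag_hosts(sessions, min_bursts=2):
    """Flag IPs that repeat the burst pattern with a new cookie set each time."""
    flagged = []
    for ip, cookie_sets in synchronized_bursts(sessions).items():
        seen, fresh = set(), 0
        for cookies in cookie_sets:
            if not cookies & seen:          # no cookie carried over from earlier bursts
                fresh += 1
            seen |= cookies
        if fresh >= min_bursts:             # assumed threshold: pattern must repeat
            flagged.append(ip)
    return sorted(flagged)
```

Requiring the pattern to repeat with disjoint cookie sets is what separates the bot host from the shared-NAT office in the sample data, where several visitors are concurrent but leave independently.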

Will began working life as a technology journalist at ITProPortal as Senior Staff Writer. He's worked as a Copywriter, then Creative Lead across video, social, email, web and print. He is currently a Senior Content Strategist at Zone.