US recovers record $15 million from 3ve ad fraud squad • The Register

The US government has recovered more than $15 million in proceeds from the 3ve digital ad fraud operation, which cost companies more than $29 million for ads that were never seen.

“This forfeiture is the largest international cybercrime case in the history of the Eastern District of New York,” U.S. Attorney Breon Peace said in a statement.

The action, Peace added, “sends a powerful message to those involved in cyber fraud that there are no limits to the pursuit of these bad actors and the tracing of their ill-gotten assets wherever they are in the world.”

Between December 2015 and October 2018, two Kazakh citizens, Sergey Ovsyannikov and Yevgeniy Timchenko, and a Russian, Aleksandr Isaev, carried out the massive botnet scam and gained access to more than 1.7 million infected computers in the United States and around the world, according to the Department of Justice.

Ovsyannikov and Timchenko were arrested in 2018, pleaded guilty and were sentenced to prison terms in the US. Isaev, along with five others, is charged [PDF] with money laundering, wire fraud, computer intrusion and identity theft for involvement in 3ve (pronounced “Eve”), but they remain free.

Here’s how the scheme worked:

The operators claimed to run legitimate businesses that serve ads to real human internet users accessing real websites. In fact, they faked both humans and websites using spoofed domains and a large network of infected devices.

They managed to do this (at least for a while) by developing a global infrastructure of command and control servers that monitored infected computers to see if they had been flagged for possible fraud.

The operators used two malware families targeting Windows, Boaxxe and Kovter, to infect victims’ PCs. Once they had access to millions of devices, they used hidden browsers on those computers to download fake websites and load advertisements on the spoofed sites.

Federal authorities, working with Google and an array of security companies, shut down the ad fraud operation in 2018. The FBI executed seizure warrants on 23 internet domains and also executed search warrants at 11 different US server providers for 89 servers linked to 3ve or Kovter.

During the scam, the perpetrators falsified billions of ad views and spoofed more than 86,000 domains, costing companies more than $29 million, according to the Justice Department. Just over half of the illicit revenue, or $15,111,453.84, has since been transferred from Swiss bank accounts to the US government.
