Security researchers have discovered a botnet that is stealing millions of dollars per month from advertisers by simulating click-throughs on display ads hosted on at least 202 websites.
Dubbed "Chameleon" by the Web analytics firm spider.io,
it fools advertisers' behavior-tracking algorithms to generate fraudulent income. Botnet emulates human visitors on select websites causing billions of display ad impressions to be served to the botnet.
Spider.io says that more than 120,000 host machines have been identified so far. 95% of these machines access the Web from residential US IP addresses.
Spider.io has observed the Chameleon botnet targeting a cluster of at least 202 websites. 14 billion ad impressions are served across these 202 websites per month. The botnet accounts for at least 9 billion of these ad impressions. At least 7 million distinct ad-exchange cookies are associated with the botnet per month. Advertisers are currently paying $0.69 CPM on average to serve display ad impressions to the botnet.
This discovery of the Chameleon botnet follows the recent take-down announcements of the Bamital botnet by Microsoft and Symantec -- on February 6th of this year. Both the Chameleon botnet and the Bamital botnet have cost online advertisers millions of dollars.