The massive Russian cybercrime operation stealing millions from advertisers - Inside ‘Methbot’

Security experts have uncovered what appears to be the biggest and most profitable advertising fraud scheme known to date.

In a report released Tuesday, cybersecurity firm White Ops mapped out a massive operation through which Russian cybercriminals are stealing millions of dollars from publishers and advertisers in the form of fake video views.

Nicknamed "Methbot" for the frequent references to the drug in its code, the ongoing scheme involves an army of bots whose sole purpose is to watch as many as 300 million video ads per day, thus tricking brand advertisers into paying millions of dollars for fake views.

The company believes it to be the work of a ring of Russian hackers, who researchers say have netted upwards of $180 million in profits since launching the operation in September.

While employing automated users to scam ads is nothing new — it's the foundation of the multibillion-dollar ad fraud industry — the company says the staggering scale and technical intricacy at play here are unprecedented.

"This is an attack perpetrated against the entire industry," says White Ops CEO Michael Tiffany. "It was robbing both advertisers and publishers, and it was operating at a level of sophistication that's just unheard of."

How it works

The whole operation takes place within a sort of Potemkin Village version of the internet located entirely within the bounds of Methbot's servers.

To populate it, the hackers took over more than half a billion IP addresses — unique strings of characters designed to identify web users — from two major registries and broke them into chunks, which were then assigned to various internet service providers like Comcast and Verizon.

Doing so created the illusion that each of these millions of bots were real web surfers spread across America rather than programs operating out of one of two centralized data centers in Amsterdam and Dallas.

The perpetrators also built custom software designed to make the bots appear convincingly human — they mimicked clicks and cursor movements; installed fake cookies that indicated demographics, online browsing histories and other targetable traits; and even gave them fraudulent social network credentials that made it appear as if they were logged into Facebook or other social media accounts (though no such accounts actually existed).

This elaborate operation goes far and beyond that of your average ad fraudster, Tiffany says. In a typical operation of this kind, bots latch onto the addresses of actual people through malware so that hackers don't have to go through the trouble of creating identities out of whole cloth.

"We've never seen anything like that before," Tiffany says. "It's just astonishing."

But spawning this army of robo-users was just one piece of the puzzle; the cybercriminals also generated more than 6,000 imitation sites designed to resemble major outlets across the web.

These include fake versions of publishers like CNN, the New York Times, BuzzFeed and Mashable; platforms like Facebook, Yahoo and Quora; and even some brand websites like those of Air France and Pokémon.

The fake sites allowed the thieves to take advantage of a common form of arbitrage in the ad tech industry in which unsold ad space is bought from an outlet then resold at a higher price. The criminals would pretend to be reselling space on, say, CNN's website through an automated ad exchange but then instead direct the ad to their shell version of the site that nobody could actually see.

There, the brand would unwittingly pay to have its video ad viewed solely by the millions of bots assigned to visit each of these sites.

As a whole, the operation racked up between 200 to 300 million views per day and bilked advertisers and media companies out of $3 million to $5 million in revenue.

Such intricate attention to detail might seem excessive for a scam that's already considered to have the lowest risk and highest reward of any form of cyber crime.

But the whole plan was put in place in service of making the machine as profitable as possible at every level. Bots imbued with a targetable profile and brand-name outlets are worth much more to advertisers than unknown visitors to a no-name webpage, and video is the most expensive form of online advertising.

"By using these very sophisticated mechanisms to hack some of the architectural systems of the internet, they were then able to unlock much greater profit potential than other operations usually have," Tiffany said.

What's next

White Ops, which specializes in ad fraud detection, first took notice of the operation in October, when its system picked up on some of the bots. The rest of the scheme unraveled from there.

"We had this one thread to pull on, and then as we pulled on it, we uncovered layer upon layer upon layer of complex forgeries," Tiffany said.

Now that the report is out, White Ops is releasing a full list of fake addresses and domains so that ad networks and other fraud detection firms can block accordingly. It is also working with U.S. law enforcement authorities to try to track down the parties responsible.

While the massive scale of Methbot might make other ad fraudsters seem like small-timers in comparison, ad fraud as a whole remains a huge headache for the advertising industry. A research report from an advertiser trade group last year predicted that it could cost digital advertisers around $7.2 billion this year alone.

Tiffany says it's entirely possible that ad fraud rings of comparable scope are currently operating undetected. The murky nature of the crime makes it uniquely hard to suss out.

"It hardy ever leaves traces of the crime behind," he says. "It's such an extraordinarily successful form of theft because nothing goes missing."

 

Installation & Maintenance Instructions For ‘S’ Series Hot Water Boilers

Pensotti Quality Heating Boilers and Panel Radiators

PNA, Inc. is proud to supply you and our network of dealers with the high quality PENSOTTI Model ‘S’ Cast Iron Boiler throughout the North American marketplace. We are confident that your purchase of the PENSOTTI home comfort package will provide years of efficient, economical, trouble-free operation.

"Quality remains long after the price is forgotten".

The PENSOTTI ‘S’ boiler is a high efficiency residential heating appliance that provides maximum energy utilization and the highest efficiency, without the maintenance and operations problems and high purchase and installation costs of condensing boilers.

Fuel cost savings can only be achieved by matching the PENSOTTI ‘S’ boiler to the true heat loss of your residence. During the past couple of decades, the trend towards improving wall and ceiling insulation levels and eliminating air infiltration by caulking and weather-stripping, has made most existing heating appliances oversized.

When you purchase a PENSOTTI home comfort system your new appliance will be sized on the basis of the new heat loss calculation. This will ensure that your new PENSOTTI home comfort system will deliver only the amount of heat required to match your actual home’s heating demand. We want to provide you with the maximum comfort level achievable combined with the highest fuel cost savings.

The following are useful bits of information presented under a series of sub-headings.

Annual Fuel Utilization Efficiency (A.F.U.E.)

The A.F.U.E. is a measure of the estimated ability of a heating appliance to extract heat from the fuel, based on a full heating season. The A.F.U.E. increases as the burner on time increases until it reaches ‘steady-state efficiency’. Steady state is the efficiency of the appliance measured when the burner is running. Any time the burner cycles on and off, the A.F.U.E. drops because of "off-cycle" losses. The A.F.U.E. drops most sharply when the heating plant operates between 10 and 30% burner on time. An increase in the percentage of burner on time improves the A.F.U.E.

A General Comment

 The PENSOTTI Model ‘S’ boiler is a high quality, efficient oilfired heating appliance, which must be installed and serviced by a trained and if required licensed service technician. Oilfired installations should be installed in accordance with NFPA31 and NFPA211 when no local code is in effect. Be sure that the installation is according to all National, State and local codes and authorities having jurisdiction over heating, electrical, plumbing and oil burner systems. Read Full Content  (PDF)

Useful Info of New Mothers Support Group Singapore

Our Living in Singapore Guide captures all information that we think you need to help making living in Singapore easier for you and your family.  All new members will receive a copy of our guide & it is available for existing members to buy at our social events.

 

Our members also like to share their favorite recommendations, click on the categories below for their recommendations...

 

Mums and Babies

Toddlers and Kids

The Whole Family

Living in Singapore

Anti-Fraud Organization Tokyo, Japan Purpose

Generally Japan Japan Company Trust, by providing a real proof of Japanese companies overseas, the company's confidence in the more reliable ones, to help to advance the business smoothly, contributing to the development of international trade in Japan it aims at.

Now that online business has become the mainstream, jumping over the border if they have PC, it enables a wide variety of transactions, is no longer a business is a global era. But along with also high risk that at the same time easy to get involved in Internet fraud. Since online business is not a face ­to­ face transactions, it will not be able to check only the presence of the other companies only in the image and description of the web site.

So, JCTO is confirmed by the or a commercial copy of the registration or the like exists in the location that has been posted on the web site without any business in Japan is a mistake, we will provide information the information of the business in the web site. In addition, by posting JCTO trust seal to your web site, you can appeal your company's reliability. The company side of the overseas by doing so it is possible to prevent in advance the fraudulent trouble, also enterprise side of Japan will be able to provide the peace of mind and confidence. JCTO in both, we believe that it is possible to provide a safety and reliable business.

Harmony Chinese Takeaway Review: Top Class Chinese Food in Southbourne

There were a lot of reviews about Harmony Chinese Takeaway available on the internet, and to add further details about the takeaway restaurant, this particular post will provide the experience and feedbacks of individuals who traveled a long way just to order the foods of the restaurant, in short, patience and determined visitors from various areas.

We gathered their reviews and one said that the foods at Harmony were the best on Christmas Eve. Many families enjoy Chinese foods on such occasion and we found out that recommendations from different customers brought them to the restaurant to try it out. For those people, Christmas is not the same without the top quality Chinese food of Harmony Chinese Takeaway.

A certain review also explains how it was spotlessly clean at the takeaway and how they received a warm welcome from the staff. Most of them never imagined that Harmony follows high standards when it comes to their food. They were moved by how the staff always gives them a good chat because they never thought that taking their order would turn out into a meaningful conversation with different people.

There’s also this review that tells how kind the staff was. His friend was in a wheelchair that time and the staff did not think twice in helping them get into their car. They praised the excellent customer service of Harmony Chinese Takeaway. This takeaway has more than your favorite food but it also has a friendly mood inside with a polite and honest staff.

Hawkfield Gallery Fine Arts Consultants Review the Visual Arts and Culture

The landscape of the art industry continually changes due to the rapid evolution of technology. Technological innovations have provided artists with new tools to express themselves and their ideas. Though the digital art was of great deal in this modern era, traditional art still remains vital to a society and to a country’s culture.

 

If you are an art lover and a collector visiting Massachusetts, you won't want to miss exploring Hawkfield Consultants Gallery which is located along Boston’s South Shore, midway between Cape Cod and Boston. The gallery is open for viewing by appointment and features an eclectic variety of American fine arts and folk arts from 20th and 21st century. Bronze sculptures, mini decorative carved decoys of birds and American impressionism are among the many amazing works displayed in Hawkfield artworks section.

 

You are welcome to visit and browse their online art catalogue which contains clear and realistic images of artworks available for sale. Art consultants of Hawkfield will gladly assist you throughout the whole process whether you are going to sell your artwork or buy one. Each of the artworks displayed on their site has corresponding prices and specifications. Hawkfield Gallery uses a sales comparison approach and considers recent auction results when determining the fair market value of an artwork.

 

The gallery is managed by Sally Caverly – an art lover, researcher and conservationist who spends more than two decades collecting impressive arts. She holds a B.A degree in Marketing and later on marched for a Master’s degree in Education. Moreover, Sally serves as a Market Research Division Director of a major publishing house.

 

Visit the About the Gallery page of the Hawkfield’s site to get an idea to the type of service the gallery provides as well as the artists they seek and represented.

Things to Do in Surrey by Group Holiday in Southbourne Dorset

The county of Surrey is situated in the south east of England and covers some 1500 square kilometres between London to the North and the protected countryside of the Surrey Hills to the south.

The Surrey Hills are an area of Outstanding Natural Beauty.

Its rich heritage has inspired many famous writers, painters and musicians.

Surrey contains busy towns with excellent shopping facilities, historic market towns and a wealth of quintessentially English villages.

There are family activities and adventure parks such as Chessington World of Adventure, famous racecourses like Epsom, historic house like Hampton Court and gardens like Kew Gardens.

This is in addition to countryside with beautiful landscapes and views. Surrey is a county for everyone, with so much to see and do, choosing can be difficult!

Surrey is the most urbanised County in England but over 6,500 acres of countryside remain. As such, it's still England's most wooded county.

Visit Surrey Tourist Information centres for details of how to explore the beautiful countryside by Ranger guided walks, or via the Surrey Cycleway. The rivers Mole, Thames and Wey running through the County offer opportunities for fishing and boating.

Surrey is famous as the site of the signing of the Magna Carta. On 15th June 1215 King John met 25 barons, somewhere between Staines and Windsor. This meeting at Runnymede fields, resulted in the king attaching his seal to a document that became known as the Magna Carta.

Today you can visit Runnymede Meadow, Egham, to see the Magna Carta Memorial. It was erected by the American Bar Association to commemorate the sealing of the Magna Carta's 750th Anniversary. Here you will also see the Kennedy Memorial, the site was given to the people of America in memory of President John F Kennedy.

The town of Guilford offers some of the best shopping facilities in the south east. You can take a guided walk to learn about its history and fascinating buildings. The River Wey lends a tranquil feel to the middle of town and offers access to lovely countryside - a short walk along the towpath. The surrounding countryside offers a wealth of attractions, including stately homes like Clandon Park, and Hatchlands Park. There is also the River Wey and its Navigations - centred at Dapdune Wharf - and RHS Garden at Wisley.

Leatherhead is a distinctive, historic market town and is a gateway to the Surrey Hills. With nine business parks, it is also an important working destination, as well as being an excellent centre from which to explore the area. The Mole Gap Trail - one of many marked trails - takes visitors through the valley of the River Mole and links the towns of Leatherhead and Dorking.

Dorking nestles in the narrow valley between the Greensand Hills to the south and the chalk hills of the North Downs. One of Dorking's more famous residents was the composer Vaughn Williams. He was the first conductor of the Leith Hill Musical Festival. You can drop into the tourist information centre for details of this and other festivals and events in the area. The local countryside is well worth exploring. There are historic villages, each with its own charm, a wine estate, historic properties, and Bocketts Farm - a great family attraction.

Farnham is to be found in the south west of Surrey, it is a gracious country town with some of the finest Georgian architecture in the south. Its castle dates back to the 12th century. The town is the starting point for the North Downs Way.