US Authorities Take Down Russian Cybercrime Network Responsible for Ad Fraud Campaign

US Authorities Take Down Russian Cybercrime Network Responsible for Ad Fraud Campaign

bigstockphoto

The US Department of Justice has confirmed that a number of Russian threat actors have now been indicted for their part in a Pornhub hack and the ongoing advertising fraud campaign behind it.

A joint effort by the FBI and the Department of Homeland Security (DHS) has resulted in the takedown of a major online fraud operation which controlled more than 1.7 million unique Internet Protocol addresses on computers infected by the Boaxxe/Miuref and Kovter malware families.

Operation Eversion, targeting the 3ve ad fraud network and the cybercriminals behind it, saw the cooperation of 20 major tech industry players, including Google and Symantec, joining forces to sinkhole the domains used by the gang. The Pornhub hack managed to fly under the radar for more than a year before being discovered.

The fake ads were loaded from more than 1,900 computer servers rented by the gangs in datacenters in Dallas, Texas and elsewhere. More than 5,000 domains were spoofed by the criminals to host the fake websites. Fake browsers were then programmed so as to appear to be under the control of real users, using a fake mouse to scroll pages, start and stop videos playing and click on the adverts. With some 650,000 IP addresses leased by the gang and assigned in batches to the servers in those data centers, it was possible to make them look like residential consumers subscribed to a variety of internet service providers.

 

[Source: Forbes]

You might be interested also