Streaming TV Fraudsters Steal Millions of Ad Dollars in ‘ICEBUCKET’ Attack

2020-04-16 14:24

A massive television ad fraud campaign that abuses the programmatic advertising ecosystem for connected TV has successfully impersonated more than 2 million people in over 30 countries so far during its run, defrauding more than 300 different brands out of their ad dollars.

The recently uncovered CTV operation - named ICEBUCKET by the researchers at White Ops that discovered it - was bent on tricking advertisers into thinking there were real people watching TV on the other side of the screen, when in reality, they were bots pretending to be real people watching TV. In other words, the sellers of the ad inventory were bot-herders; and, they received money in exchange for running the ads - but the ads didn't actually reach any human eyeballs.

"The operation hid its sophisticated bots within the limited signal and transparency of server-side ad insertion-backed video ad impressions," explained White Ops researchers, in an analysis published on Thursday.

Further, the fraudsters masqueraded as a range of streaming devices, including pretending to be people using Roku devices; Samsung Tizen Smart TVs; GoogleTV, which was discontinued in 2014; and Android mobile devices.

"The ICEBUCKET operation presented its traffic as coming from a legitimate SSAI provider for a variety of devices and apps, using custom code. ICEBUCKET assembled requests for ads to be inserted into video content for viewers using CTV and mobile devices, but none of those devices or viewers actually exist."

News URL

https://threatpost.com/icebucket-streaming-tv-fraudsters-steal-ad-dollars/154852/

#attack