Offers insight into financial motives of hackers, and basic security tips for brands
MADISON WI – MdotLabs, the leading media security platform, warned today of a threat to advertisers and publishers from the recently posted Athena botnet. Although the botnet release has been covered by traditional security firms as a traditional DDos (denial of service) attack threat, MdotLabs research has shown the botnet interface allows it to be easily used to perpetrate ad fraud.
“The Athena botnet was essentially hacked and posted to online forums 90 days ago,” says Timur Yarnall, CEO of MdotLabs. “While the user interface is quite crude, it’s unfortunately all too easy to use Athena to ‘rent’ infected computers and direct their browsing activity for the purposes of falsely inflating clicks or impressions. Advertisers and publishers should not only take safeguards to protect against this type of activity but also use the Athena release as a chance to learn first-hand how botnets operate.”
Athena focuses primarily on using infected machines running Windows XP operating system and Internet Explorer browser versions to command botnet attacks. Fraudsters using the botnet essentially log into an administration interface and pay per activity to command the network of computers infected by Athena’s creators — thereby allowing the fraudsters to make money by falsely inflating an ad campaign, and allowing Athena to generate revenue based on “rental income.”
MdotLabs estimates that online ad fraud costs domestic online marketers more than $5 billion annually, with global figures exceeding $10 billion in wasted ad spend annually. Additionally, beyond simply noting its availability, MdotLabs notes that Athena is a good example of a botnet that poses an impression fraud threat that can easily evade defense methods such as viewability checks and IP blacklists.
Marketers should take basic precautions such as ensuring that their campaigns do not appear to be served to demographics over-indexing the general population in Windows XP or Internet Explorer users. Advertisers can also check for publisher sites that appear unfamiliar to them but have recently made up a significant percentage of their campaign traffic.
The MdotLabs research team has also posted an in-depth technical blog reviewing capabilities and threats associated with Athena on http://www.mdotlabs.com/blog/
MdotLabs (www.MdotLabs.com) is a SaaS security platform company created to fight invalid activity in web and mobile advertising. The MdotLabs’ AdSecure™ Platform is used by hundreds of publishers and top brands to identify and eliminate invalid traffic coming from botnets and click-farms that waste billions in ad campaign spend each year.
MdotLabs is privately funded, based in Madison, WI, with offices in San Francisco.