New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Methbot: Botnet of 571,904 IP addresses for watching videos
VirtualByte
Member
in General
Since I see here a lot of suspicious topics about people wanting to buy/rent ip space without any valid reason, I want to share with you guys this page. Yet another example of what these guys do with the space.
What is methbot? Controlled by a single group based in Russia and operating out of data centers in the US and Netherlands, this “bot farm” generates $3 to $5 million in fraudulent revenue per day by targeting the premium video advertising ecosystem. We continue to detect and block fraudulent activity generated by Methbot on behalf of all of our customers.
http://www.whiteops.com/methbot
I know about traffic exchanges, but I didn't know there was any scam on this magnitude. They even are faking to be a residential ISP.
How is this even possible.
Comments
Makes sense, honestly. The rise in requests for large ranges around here has been a 2016 occurrence, to the best of my memory. Similarly, so has the rise in traffic exchange. That could be selective memory, I admit.
I would have to agree there.
Whats this: premium video advertising ecosystem
It won't take long for everyone to play catch-up for figuring our valid/invalid IP addresses and ASN's to allow flowing.
The issue is that everyone makes too much money out of it for those changes to happen. The networks, the ad agencies, the server providers and ultimately the Russian group in this instance. Everyone is earning on this, it's not like they're hacked boxes.
Would certainly be useful to reclaim all of that IP space, though.
Everyone except the person paying for the ads! Also, once the paying ad-customers are aware of this issue, they'd lose faith in the ad platform if it doesn't take steps to prevent this type of fraud.
Completely. I guess the ad platforms will let it get to a point where it's 'just enough' to keep people happy. Don't forget, this is a still generating a LOT of extra revenue for them platforms.
It's a bit crap for those at the end who are footing the ad bills, but you'll never see a true solution for this I don't think.
Well, most of the fraudlent requests, which I get for IPv4 are from spammers with similar patterns in the request. I am yet to find anyone that used a leased range from me for this exact thing posted here. Also, most of the requests from here (LET) are also from the same couple of companies. Whoever requests more than a /23 on month to month basis without a long-term contract is mostly rejected by me. I sincerely have a hard time beliving that a starting colocation company wants to order a /19 on month to month basis without a contract.
I'm pretty sure you'd (or anyone else legitimately selling here) reject anyone asking for a netblock with the email [email protected] to be registered to Comcast
Why call it methbot? Why do they have to take one good thing in this life that makes so many people happy and turn it's name into something despicable, illegal, horrible like an ad bot. Those bastards
Man, you gotta try something else. Like this one: https://en.wikipedia.org/wiki/Jenkem
A significant % of the brightest minds of a generation, are now working on Ad fraud or combating Ad Fraud (throw in spam in the mix)
Sips second Coffee
Wow, this is cool!
What my customers do with my IPs and their SWIP entry is not my problem in any way (yea, i sold to these as well, though semi unknowingly - they come along with rather random UA and RU OOOs/single person companies, asking by mail for "hosting" IPs with no further specifications).
Not really, the brightest are working for large corps in OP/management, gov or entirely in cybercrime - few million per month is for a large group nothing, selling drugs or maintaining drug sales places etc. gets you far more for less work per person and is also more secure inside СНГ.
This here is not TOO thought out either anyway, else they'd hijack IPs and don't pay for them.
I have concluded via a lovely dictionary that you, @William, are a whore.
Is that... new?
I always made pretty clear i have very low to zero moral qualms who i sell to as long as it benefits me and does not conflict with core interests (religion/heritage (thus do not sell to Arab countries), relationship (eg. not selling to right wing/anti gay orgs) and legal (not selling to illegal spammers and similar).
What they do is illegal/fraud, sure, but this cannot be put on me in any way (dang, Croatian law is so much better than Austria).
The only thing that changes is the pricing; someone needs to finance my 10k EUR Mac Pro or the flat with sea view
I'll found the prefixes now anyway (totals a /19 around) and will cancel them; for 50EUR/mo i'm not accepting this usage - they can pay better or i sell it off for 75EUR/mo to a normal VPS provider.
While the did not scam me they lied about usage (and have only short term contracts), so need to pay up
>
Well, fraudulent ad views is the oldest scam since AdWords came out.
Beats getting slaughtered at Verdun.
Weak choice of events, I'm disappointed.
Sure, just about a million men dead on a 1-fucking-year-long battle. Weak.
Implying that anyone cares?
I think you, @William, have just made the most logical argument for my ASN-blocklist app existing.
I wanted my words to hurt so that maybe you would reconsider your actions, to realize what you are becoming. However, I see now that you will whine about certain things, and yet other moralities entirely slip. These slips are fully based upon what you as a person deem fit. In the end though, your judgements and words are much more meaningless to me now.
Thank you, and good bye.
@AlyssaD Get your sorry ass out of here.
Wasn't looking for anyone's f*cks but you replied
On what planet does replying equate to caring about your feelings?
Same where replying means someone has to care.
Google "tautology"
Per day.
These guys were making serious bank, even with a fairly large group. We are talking 10 figures.
Bots AI / Supported Technologies:
And after all of these words and sentences above "specialists" had said that it used for advertising. Lol, what a bullshit.
Sorry, but this is set of tools for massive propaganda, and not tools for advertising.
This is complete features which will falsification a real human behavior. It's can be easy (and i'm sure it's already) used for manipulations of people opinions at different websites, places around the globe, on youtube, on different news sites on different places where possible to get attention from big mass of people.
Very strange and cautious conclusions made in this report. When all the facts saing that this botnet developed for fake real human behavior.
Yep, millions of dollars are lost because of this but most advertisers are ignorant to the issue. Conversion rate is really poor for the people paying the advertisers. Most behavior can be mimicked by code, but one thing you can't lie about is the connecting IP address (on TCP anyway). That's why proxy / VPN / hosting / bot IP detection can be really useful in the fight against fake views and fake clicks
Goes to show what shallow capitalism is doing to once great & battle ready Croatia.