A newly discovered botnet has found a way to siphon cash from advertisers.
The botnets have targeted at least 202 Web sites, hitting them with as little as 9 billion ad impressions. The sites themselves are receiving 14 billion ad impressions, meaning the majority are coming from the botnet.
But here's the crux of the issue: advertisers are paying the sites 69 cents per thousand ad impressions, believing that they're legitimate. The Chameleon botnet, therefore, is able to siphon $6 million per month in cash from the advertisers.
Although botnets have been used to target text ads, they've largely stayed away from display ads because of the more sophisticated way in which advertisers analyze activity. In many cases, that analysis catches botnets before they have a chance to take hold. However, according to Spider.io, Chameleon is extremely sophisticated and act as though they're normal users surfing the Web. Still, the botnet has some hallmarks that give it away. According to Spider.io:
Despite the sophistication of each individual bot at the micro level, the traffic generated by the botnet in aggregate is highly homogenous. All the bot browsers report themselves as being Internet Explorer 9.0 running on Windows 7. The bots visit the same set of websites, with little variation. The bots generate uniformly random click co-ordinates across ad impressions and the bots also generate randomised mouse traces.
The discovery of the Chameleon botnet comes a little over a month after Microsoft and Symantec announced that, known as Bamital, that redirected Web sites. It's believed that botnet was earning at least $1 million per year.