3ve ad fraud scheme taken down by the United States

by Julie Splinters

Those behind the 3ve ad fraud scheme arrested and charged with numerous crimes

Google, the FBI and several cyber security companies have recently reported taking down the worldwide fraud operation known as “3ve”. The men responsible for this hack have also been named: Aleksandr Zhukov, Boris Timokhin, Mikhail Andreev, Denis Avdeev, Dmitry Novikov, Sergey Ovsyannikov, Aleksandr Isaev, and Yevgeniy Timchenko.[1] As is clear from their names, these criminals originate from Russian-speaking countries, e.g. Russia, Kazakhstan, Ukraine. Three of these men have already been arrested and, at the time of writing, are awaiting extradition.

The cybercriminals were found guilty of launching an extremely wide fraud operation which was started four years ago (in 2014) or even earlier. The ad fraud scheme involved a low-sophistication botnet which became more complex and widespread as time passed. It is already known that 3ve generated between 3 and 12 billion dollars in revenue from advertising requests.

3ve ad fraud scheme contained three different parts

The 3ve fraud scheme included three main components.[2] According to computer security researchers, the first one, dubbed 3ve.1, has been known as “Miuref”, “MethBot”, or “Boaxxe”. It was able to run fake ad networks and load false web pages with thousands of intrusive advertisements.

The second component of the fraud scheme, 3ve.2, involved the infamous “Kovter” botnet, which was used to load fake, criminal-sponsored websites from around 700,000 infected computer systems. This illegitimate activity was also carried out in order to profit from the advertisements displayed.[3]

The last one, 3ve.3, was very similar to the first one. However, it used a smaller number of datacenter bots and relied on rented servers as proxies. All these schemes were created to bring advertising-related revenue to their developers. However, none of them was legal or safe.

FBI took the necessary actions, leading to success

The FBI[4] took action against this malicious activity and managed to prevent the ad fraud scheme from spreading further. As the Google report states, the collaboration with cybersecurity experts also played an important role:[5]

What followed was a collaborative and coordinated effort by both law enforcement and various companies across industries, including ad tech, cyber security, and Internet service providers, to disable the infrastructure and sinkhole botnet command and control servers. The result so far has rendered the operation’s botnets unable to continue to drive fraudulent ad traffic.

They shut down around 30 or more domains and executed search warrants at particular United States server providers. Nevertheless, the FBI had to take even more serious action: it executed warrants for bank accounts connected to this scheme, including some accounts in Switzerland and other countries.

Sadly, the 3ve fraud scheme has had a serious impact on some people and companies. It displayed advertisements in order to gain revenue from this activity, and its operators achieved their goal: it is known that the scheme convinced various companies to pay 36 million dollars or more for fake advertisements!

About the author

Julie Splinters - Malware removal specialist

Julie Splinters is the News Editor of 2-spyware. Her bachelor's degree was in English Philology.

References