Xindi Botnet Update: Sovrn Publishers Protected
Pixalate recently released a comprehensive report detailing the Xindi botnet, a first-of-its-kind botnet designed to attack a key vulnerability in the online advertising ecosystem by exploiting ad exchanges. According to Pixalate, “this botnet is designed to generate fake “viewable” impressions at scale.” As a partner with Pixalate on fraud and transparency issues, we were made aware of this botnet shortly after it was discovered. You can read more about the Xindi botnet here.
Pixalate has observed that as a result of fraudsters implementing the Xindi botnet, “fraud on affected campaigns increases by up to 300 percent. The affected campaigns tend to have high viewability (in the range of 85-95 percent) and a highly desired user base. Frequency cap controls fail to work, and discrepancies between Ad exchanges and demand-side platforms (DSPs) spike.”While the Xindi botnet is serious, Sovrn and its publishers are protected by safeguards we already have in place.
If you don’t know what a botnet is, this is for you. A botnet (also known as a zombie army) is a number of computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie – in effect, a computer “robot” or “bot” that serves the wishes of some master spam or virus originator.
Here’s an anatomy of the Xindi botnet attack that Pixalate put together: