The Department of Justice has unsealed indictments against eight people who allegedly ran the infamous online advertising scams 3ve and Methbot. The defendants, who are primarily from Russia, are accused of collecting more than $36 million from companies who thought they were paying to place ads on websites. But the ads were never seen by a human being — instead, the defendants allegedly used a server farm and a botnet to simulate billions of visits to real pages.
A press release states that three of the alleged scammers — Sergey Ovsyannikov and Yevgeniy Timchenko, who were from Kazakhstan, and Aleksandr Zhukov, who was Russian — were arrested over the past month. The other five — Boris Timokhin, Mikhail Andreev, Denis Avdeev, Dmitry Novikov, and Aleksandr Isaev — are still at large.
The group allegedly ran two separate but related fraud schemes. The first, Methbot, took in $7 million between September 2014 and December 2016. The alleged perpetrators made deals with ad networks to place advertisements, then used rented servers to simulate having real internet users visit spoofed web pages and look at ads. The second, 3ve, apparently made $29 million between December 2015 and October 2018. It was based on similar principles, but instead of server farms, it used a full-fledged botnet comprised of 1.7 million infected computers.
The defendants are charged with wire fraud, money laundering, aggravated identity theft, and conspiracy to commit computer intrusion, among other offenses. They were arrested as part of a partnership between the Federal Bureau of Investigation, the Department of Homeland Security, and a group of private companies including Google and the computer security company White Ops — which first revealed Methbot’s existence in late 2016.
At that point, White Ops estimated that Methbot’s operators collected between $3 and $5 million per day from advertisers. White Ops said the scheme was “bringing whole new levels of innovation to ad fraud,” operating at an unprecedentedly large scale that spooked advertisers.
Some analysts questioned those numbers, and based on today’s indictment, the total cost doesn’t seem as high as the original estimates suggested. White Ops CTO Tamar Hassan defended its analysis in a statement to The Verge, saying that the Justice Department was likely being very conservative. “We typically expect the DoJ to share numbers around what they are prepared to prove based on the evidence they’ve collected, rather than a maximum cumulative number of what the entire operation could have generated,” he said. But even if that lower estimate is correct, it was still a large, complex, and surprisingly long-running operation.
Update November 28th, 9:30AM ET: Added statement from White Ops CTO.