NEW YORK—An 18-month long CTV fraud scheme that connected seven different cases as part of one coordinated effort has been identified and stopped by DoubleVerify. The scheme is known as “OctoBot.”
Since November 2019, the seven variants that make up the OctoBot scheme have generated billions of ad calls and spoofed apps on millions of devices, designed to defraud advertisers of millions of dollars in revenue.
DoubleVerify caught the most recent variant in February, shutting it down in 24 hours, it says. This variant showed similar behaviors to a series of schemes DoubleVerify has been blocking and tracking since November 2019.
Among the variants that made up OctoBot were MultiTerra, which resulted in an estimated $1 million/month impact in diverted spend, and SneakyTerra, which had an estimated $5 million/month impact.
“We’ve been seeing fraudsters aggressively target the CTV space, but the OctoBot fraud scheme family, with its multiple tentacles, is unprecedented,” said Mark Zagorski, CEO at DV. “OctoBot displays a high degree of ingenuity in its evolving approach—with each variant operating in a unique manner. Our Fraud Lab, however, ultimately was able to detect common behaviors and traffic patterns that enabled us to identify the interrelationship between these seemingly dissociated approaches.”
DoubleVerify’s Fraud Lab found the link between OctoBot variants using a months-long analysis of trillions of ad impressions and auctions, reverse engineering dozens of applications and conducting open source intelligence operations, DV says.
Read DoubleVerify’s full report online.
