NEW YORK— DoubleVerify has uncovered a new global ad fraud scheme, “ViperBot,” that is attempting to steal over $8 million each month in ad spend across two of the industry’s most in-demand channels: connected television (CTV) and mobile video.
While DoubleVerify announced that it has taken measures to protect its customers from the scheme, the company said that the scheme continues to spoof more than five million devices and up to 85 million ad requests per day, undercutting ad investments and performance when solutions that can protect against ViperBot are not implemented.
“ViperBot is one of the most sophisticated fraud schemes that DV has ever identified,” said Mark Zagorski, CEO at DoubleVerify. “The dynamic nature of fraud schemes underscores the fact that advertisers need a partner who is laser focused on protecting their interests – and who operates independent of the media transaction to remain neutral when determining the quality of inventory. Efficient and transparent media buying leads to better outcomes for brands. By uncovering ViperBot, we are able to give brands greater confidence in their digital investment while ensuring campaign performance.”
Through ViperBot, fraudsters strip the code that verifies ad impressions and then conceal and redirect this code through real devices to hide the fraudulent activity in an attempt to go undetected.
ViperBot relies on both the well-documented occurrence of verification stripping and a new tactic, discovered by DoubleVerify, called “verification redirection.”
Verification stripping is the removal of verification tags previously set by a measurement provider. As this normally causes measurement discrepancies, fraud schemes that rely on verification stripping can regularly be identified by advanced measurement companies. DV, for example, has protected its clients against verification tag fraud for years.
With ViperBot, fraudsters have taken verification stripping to the next level. Fraudsters are not only removing verification tags from the ad being delivered – they are also reinserting them inside of cheap ad slots running on real devices in an attempt to prevent detection, the company reported.
This makes it difficult for unsuspecting measurement providers to recognize that any fraudulent activity is taking place. Upon identifying the new tactic, DV immediately blocked the falsified impressions and ad requests. Although ViperBot ultimately affected verification tags from all verification providers, DV quickly detected and mitigated the scheme – ensuring protection for DV customers.
“As fraudsters continue to evolve and aggressively target high-value inventory types, measurement providers need to catch up,” said Jack Smith, chief product officer, DoubleVerify. “We’re seeing this happen in CTV and mobile inventory, where higher CPMs make it a more attractive target, but this new redirection tactic can be applied across many environments.”
Get the TV Tech Newsletter
The professional video industry's #1 source for news, trends and product and tech information. Sign up below.
George Winslow is the senior content producer for TV Tech. He has written about the television, media and technology industries for nearly 30 years for such publications as Broadcasting & Cable, Multichannel News and TV Tech. Over the years, he has edited a number of magazines, including Multichannel News International and World Screen, and moderated panels at such major industry events as NAB and MIP TV. He has published two books and dozens of encyclopedia articles on such subjects as the media, New York City history and economics.