New CTV Scam Hijacks Real CTV Sessions

(Image credit: ThinkStock)

NEW YORK—A new CTV fraud scheme has been revealed by DoubleVerify that is allegedly the first to use real CTV device sessions, dubbed “SneakyTerra.”

SneakyTerra is a server-side ad insertion(SSAI) scheme that hijacks real CTV device sessions. It purchases a real impression and then inserts impression trackers from multiple ads, obtained through spoof SSAI calls, into one response. When an actual CTV device receives this response, pixels fire for all the impression trackers, generating impressions for multiple ads although only one is seen.

According to DoubleVerify, at its peak SneakyTerra spoofed more than 2 million devices each day and could have cost unprotected advertisers more than $5 million per month.

DoubleVerify’s DV Video Filtering was key in discovering SneakyTerra. DV Video Filtering allowed DV’s Fraud Lab to see SneakyTerra’s spoofed SSAI transactions before any additional impressions could be executed on a real CTV device.

DoubleVerify says that SneakyTerra is a much more sophisticated CTV fraud scheme than other recent examples such as LeoTerra and ParrotTerra.

A full report from DoubleVerify on SneakyTerra is available online