Google's new traffic filters specifically target the Bedep, Beetal, and Changthangi ad fraud botnets

Feb 9, 2016 23:42 GMT

Google has announced new and improved filters for its advertising platform that will help its engineers and clients fight (the good fight) against ad fraud botnets.

In a press release published on Safer Internet Day (February 9), the company announced that its security experts have created new countermeasures to fight three of the most widespread ad fraud botnets around.

Google specifically identified the Bedep botnet, a well-known ad fraud infrastructure powered by the Bedep click-fraud malware, and also mentioned two new and unknown botnets, which it nicknamed Beetal and Changthangi.

According to internal assessments, the company estimates that these three botnets comprise over 500,000 infected computers, with Bedep alone accounting for over 300,000 users during peak times each day.

Google announces new traffic filters that can detect ad fraud botnets

"Today we're further reinforcing our existing botnet defenses across our ad systems through a new feature that automates the filtering of traffic from three of the top ad fraud botnets," says Andres Ferrate, Chief Advocate for Google's Ad Traffic Quality team.

"One of the key benefits of this new feature is that it is resilient to possible changes to the malware that generates this botnet traffic," he further explains.

This key feature will allow Google's team to quickly modify the rules for detecting invalid traffic and minimize its losses from nonexistent clicks and ad displays.

Google is playing cat and mouse

With malware authors constantly updating their malware's source code, Google, like every security product, is always playing catch-up. If Google has truly managed to put together some kind of AI to detect invalid traffic without too much human intervention, this modification can throw a monkey wrench in the ad fraud business and set it back for the upcoming months.

Ad fraud botnet operators won't stay behind for long, but it will buy Google more time to study botnet infrastructures and possibly come up with something better to counteract its rivals in the next round.

Compared to other forms of malware, ad fraud bots usually aren't hated as much, since most of their damage is done to advertising networks and not to the end user.

You rarely hear from cyber-security vendors on this front, since they tend to focus on more dangerous malware that impacts consumers and the majority of businesses, not just the smaller advertising niche. You can say that Google and its fellow advertising platforms are the only ones fighting ad fraud botnets, and if a major exploit kit didn't distribute click-fraud malware now and then, you'd rarely hear anything about them.

You can read more on Bedep and its tactics in this security report coincidentally released today by Cisco's Talos team.

Bedep ad fraud botnet recent activity