Researchers from HUMAN have uncovered a sophisticated ad fraud operation known as “Merry-Go-Round,” consisting of two separate rings of websites that use pop-under tabs to redirect traffic and generate hidden ad impressions.
Description
At its peak [1] [4], the operation was responsible for 782 million bid requests per day, but currently [1], it generates around 200 million bid requests daily [2]. The threat actors behind Merry-Go-Round continuously update their attack by adding new domains and subdomains to their rings [2], making it challenging to detect their activities. This operation is highly effective in concealing its actions and maximizing profits by loading up to a hundred ads per domain cycle. Will Herbig [1] [3], director of fraud operations at Human Security [1] [3], emphasizes the scale of the operation, likening it to the ad intake of 150,000 individuals. To avoid falling victim to such scams [1] [3], Herbig advises advertisers to be aware of the sources from which they purchase ad inventory. Customers protected by Human Security for ad fraud defense are safeguarded from the impacts of Merry-Go-Round [2].
Conclusion
The Merry-Go-Round ad fraud operation poses a significant threat to advertisers, generating millions of bid requests daily and continuously evolving to avoid detection. By staying vigilant and working with trusted partners like Human Security, advertisers can protect themselves from falling victim to such fraudulent schemes in the future.
References
[1] https://www.darkreading.com/threat-intelligence/shady-merry-go-round-ad-fraud-network-orgs-hemorrhaging-cash
[2] https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-merry-go-round-conceals-ads-from-users-and-brands
[3] https://www.admonsters.com/merry-go-round-conceals-ads-for-consumers-and-brands/
[4] https://cyberinsider.com/sophisticated-ad-cloaking-operation-merry-go-round-exposed/
