With traditional media advertising, the companies that paid for ads never had to worry about having their money stolen by thieves. However, in the Internet age there is no such guarantee, and companies are losing millions of dollars to Internet thieves.
Blogs play a very delicate game when it comes to money. On one hand they need to run advertising in order to make money so they can pay the bills and their writers, but on the other hand they have to be careful or else there’s the risk of alienating their readers with too many ads. On top of that news outlets have to try and attract quality advertising to make it all worthwhile, but the situation is equally delicate for the advertisers who have to constantly show that they are actually getting something back on the money they spend.
So when news of something like the Chameleon botnet breaks you can be assured that advertisers are going to be paying attention, especially when that botnet could very well be stealing millions of dollars from them.
Security researchers first came across the Chameleon botnet at the end of 2012, and believe it is one of the most sophisticated ad revenue stealing botnets to date. The bot is capable of re-creating "normal" mouse traces, "random" click-through on specific advertisements, and ad only clicking 0.02 percent of the time. This kind of behavior is meant to trick existing technology that is available to detect fraudulent click activity on ads.
The botnet was discovered by security company Spider.io and they have been able to detect at least 120,000 'host machines'; which a majority of them coming from United States IP addresses.
The cost to advertisers by the Chameleon botnet is estimated to be in the range of $6 million so far, and that it is responsible for almost nine billion ad impressions being served up by the 202 sites it is known to visit.
via Ars Technica