Stop Worrying About Ad Blockers and Start Worrying About Xindi


The digital marketing landscape remains open to plunder by a growing lineup of criminal innovators. Meet Xindi.


We've devoted several inches of this space in recent weeks to the marketing-killing phenomenon of ad blockers being installed by the millions on people's PCs and mobile devices. For now, their effect is primarily confined to small publishers dependent on programmatic ad revenue for sustenance. Meanwhile, a new botnet has been uncovered that's affecting leading publishers and Fortune 500 companies, one that could swallow up $3 billion in fraudulent ad impressions in the coming year.

Fraud protection company Pixalate claims to have discovered Xindi, a botnet that takes advantage of the Amnesia Bug in OpenRTB, the protocol that is the standard for programmatic buying. Unlike most ad fraud bots that arrive at their ill-gotten gains via clickjacking—getting ads served to bogus websites—the Xindi leeches practice impression fraud. They imitate legitimate users by repeatedly loading a page to chalk up multiple, seemingly high-value, impressions.

Pixalate contends that Xindi has infiltrated six to eight million machines at 10% of the Fortune 500 companies, 1,500 universities, and 200 financial institutions. Organizations rated by Pixalate to have infiltration risk scores of 90% or higher include Citigroup, General Motors, Marriott International, and Wells Fargo. Their networks generally enjoy good reputations and generate high CPMs in ad buys.

Exploiting the Amnesia Bug enables Xindi to conceal the true status of an ad transaction, causing bidding engines to bid on more impressions per compromised host than originally intended. Xindi lets the bad guys hoard multiple ad markups, hold them back, and then replay them in a burst. Because so many impressions are released at the same time, fraud safeguards such as frequency caps aren't able to block the bogus ones.

Pixalate found that, in ad campaigns infiltrated by Xindi, fraud was up by a factor of three. It projects that the botnet will siphon off a minimum of $2.4 billion from programmatic ad spending in 2016 and potentially as much as $3.6 billion.

Xindi can be held at bay, Pixalate asserts, by implementing a reasonable time-out for an ad after the creative is served on a user's machine. Any creative rendered after the time limit is most likely the handiwork of Xindi and should be considered non-billable. Pixalate will be releasing a list of IP addresses that have been shown to be the most vulnerable to this latest—and perhaps most diabolical—botnet.
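
The time-out check described above, as an added example that is not from the article or from Pixalate: it marks impressions rendered too long after the markup was served as non-billable and flags hosts whose late renders arrive in a burst. The field names, the 300-second time-out and the burst thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

# Assumed policy values for illustration; the article does not specify them.
RENDER_TIMEOUT_S = 300   # max allowed gap between serving markup and render
BURST_WINDOW_S = 10      # window for counting late renders from one host
BURST_THRESHOLD = 3      # late renders inside one window that suggest a replay

@dataclass(frozen=True)
class Impression:
    bid_id: str
    host: str           # client identifier, e.g. IP address
    served_at: float    # epoch seconds when the ad markup was returned
    rendered_at: float  # epoch seconds when the impression beacon fired

def classify(impressions, timeout=RENDER_TIMEOUT_S):
    """Split into (billable, non_billable); late or negative delays fail."""
    billable, non_billable = [], []
    for imp in impressions:
        delay = imp.rendered_at - imp.served_at
        (billable if 0 <= delay <= timeout else non_billable).append(imp)
    return billable, non_billable

def replay_hosts(non_billable, window=BURST_WINDOW_S, threshold=BURST_THRESHOLD):
    """Return hosts whose late renders cluster into a burst."""
    by_host = defaultdict(list)
    for imp in non_billable:
        by_host[imp.host].append(imp.rendered_at)
    flagged = set()
    for host, times in by_host.items():
        times.sort()
        for i in range(len(times) - threshold + 1):
            if times[i + threshold - 1] - times[i] <= window:
                flagged.add(host)
                break
    return flagged

# Constructed sample events (documentation IP ranges, not real data).
SAMPLE = [
    Impression("b1", "198.51.100.7", 1000.0, 1002.0),  # normal render
    Impression("b2", "203.0.113.9", 1000.0, 5000.0),   # held, then replayed
    Impression("b3", "203.0.113.9", 1200.0, 5001.0),
    Impression("b4", "203.0.113.9", 1400.0, 5002.5),
    Impression("b5", "198.51.100.7", 2000.0, 2400.0),  # slow one-off render
]

if __name__ == "__main__":
    ok, bad = classify(SAMPLE)
    print([i.bid_id for i in ok], sorted(replay_hosts(bad)))
```

A single late render (b5) is written off as non-billable but does not flag its host; only the clustered late renders from one host are treated as a suspected replay.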

DMNotes is DMN's around-the-clock blog. Yes, a blog in 2016.
