Stop Worrying About Ad Blockers and Start Worrying About Xindi


The digital marketing landscape remains open to plunder by a growing lineup of criminal innovators. Meet Xindi.


We've devoted several inches of this space in recent weeks to the marketing-killing phenomenon of ad blockers being installed by the millions on people's PCs and mobile devices. For now, their effect is primarily confined to small publishers dependent on programmatic ad revenue for sustenance. Meanwhile, a new botnet has been uncovered that's affecting leading publishers and Fortune 500 companies, one that could swallow up $3 billion in fraudulent ad impressions in the coming year.

Fraud protection company Pixalate claims to have discovered Xindi, a botnet that takes advantage of the Amnesia Bug in the OpenRTB protocol that is the standard for programmatic buying. Unlike most ad fraud bots that arrive at their ill-gotten gains via clickjacking—getting ads served to bogus websites—the Xindi leeches practice impression fraud. They imitate legitimate users by repeatedly loading a page to chalk up multiple, seemingly high-value, impressions.

Pixalate contends that Xindi has infiltrated six to eight million machines at 10% of the Fortune 500 companies, 1,500 universities, and 200 financial institutions. Organizations rated by Pixalate to have infiltration risk scores of 90% or higher include Citigroup, General Motors, Marriott International, and Wells Fargo. Their networks generally enjoy good reputations and generate high CPMs in ad buys.

Exploiting the Amnesia Bug enables Xindi to conceal the true status of an ad transaction, causing bidding engines to bid on more impressions per compromised host than originally intended. Xindi lets the bad guys hoard multiple ad markups, hold them back, and then replay them in a burst. Because so many impressions are released at the same time, fraud safeguards such as frequency caps aren't able to block the bogus ones.

Pixalate found that, in ad campaigns infiltrated by Xindi, fraud was up by a factor of three. It projects that the botnet will siphon off a minimum of $2.4 billion from programmatic ad spending in 2016 and potentially as much as $3.6 billion.

Xindi can be held at bay, Pixalate asserts, by implementing a reasonable time-out for an ad after the creative is served on a user's machine. Any creative rendered after the time limit is most likely the handiwork of Xindi and should be considered non-billable. Pixalate will be releasing a list of IP addresses that have been shown to be the most vulnerable to this latest—and perhaps most diabolical—botnet.
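The time-out rule described above can be sketched as a check over impression logs. This is an added example, not code from Pixalate or from this article; the 300-second limit, the record layout, and the host and impression names are assumptions, and the sample records are constructed.

```python
from datetime import datetime, timedelta

# Assumed policy value; the article only says "a reasonable time-out".
RENDER_TIMEOUT = timedelta(seconds=300)

# Constructed sample records: (impression_id, host, markup_served_at, rendered_at)
SAMPLE_EVENTS = [
    ("imp-1", "host-a", "2016-01-05T10:00:00", "2016-01-05T10:00:02"),
    ("imp-2", "host-b", "2016-01-05T10:00:05", "2016-01-05T13:30:00"),
    ("imp-3", "host-b", "2016-01-05T10:01:10", "2016-01-05T13:30:00"),
    ("imp-4", "host-b", "2016-01-05T10:02:40", "2016-01-05T13:30:01"),
    ("imp-5", "host-c", "2016-01-05T11:00:00", "2016-01-05T11:04:59"),
    ("imp-6", "host-c", "2016-01-05T11:00:00", "2016-01-05T10:59:58"),
]

def classify(events, timeout=RENDER_TIMEOUT):
    """Split impressions into billable ids and non-billable records
    according to the delay between markup being served and rendered."""
    billable, non_billable = [], []
    for imp_id, host, served, rendered in events:
        delay = datetime.fromisoformat(rendered) - datetime.fromisoformat(served)
        # A render logged before the serve time is a data error, so it is
        # excluded from billing as well rather than silently accepted.
        if timedelta(0) <= delay <= timeout:
            billable.append(imp_id)
        else:
            non_billable.append((imp_id, host, delay))
    return billable, non_billable

def late_hosts(non_billable, timeout=RENDER_TIMEOUT, min_late=2):
    """Return hosts with at least `min_late` renders past the time-out.
    Several held-back markups rendered together on one host match the
    hoard-and-replay pattern the article describes."""
    counts = {}
    for _, host, delay in non_billable:
        if delay > timeout:
            counts[host] = counts.get(host, 0) + 1
    return {host: n for host, n in counts.items() if n >= min_late}

if __name__ == "__main__":
    ok, rejected = classify(SAMPLE_EVENTS)
    print("billable:", ok)
    print("non-billable:", [r[0] for r in rejected])
    print("hosts with repeated late renders:", late_hosts(rejected))
```

Because the check runs per impression on the serve-to-render delay, it still applies when many held-back markups are released at once, which is the case frequency caps miss.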

DMNotes is DMN's around-the-clock blog. Yes, a blog in 2016.
