Reseachers at Spider.io recently announced the discovery of the Chameleon botnet, which currently costs online advertisers more than $6 million a month. The botnet, the researchers note, is the first to impact display advertisers rather than text-link advertisers.
The Spider.io researchers have been tracking behavior associated with the botnet since December of 2012, but didn't pin down the full extent of its activity until last month, working in collaboration with DataXu, media6degrees and other ad exchanges and platforms.
The botnet leverages more than 120,000 infected Windows machines, 95 percent of which access the Web from residential US IP addresses. It targets a cluster of at least 202 Web sites, which serve 14 billion ad impressions per month -- of which the botnet accounts for at least 9 billion.
"At least 7 million distinct ad-exchange cookies are associated with the botnet per month," the researchers write. "Advertisers are currently paying $0.69 CPM on average to serve display ad impressions to the botnet."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
"The good news is that Chameleon is said to be quite unstable, and causes regular crashes and computer slowdown -- something which might alert users to there being a problem with their PC," notes Sophos' Graham Cluley.
The researchers have published a blacklist of 5,000 IP addresses of the worst bots within the Chameleon botnet here.