Researchers Discover Ad Fraud Botnet Targeting Smart TVs

Mike Wheatley

One of the first ever botnets that specifically targets smart TVs has been discovered, according to an alert by the digital media analytics company DoubleVerify.


The botnet was flagged following an investigation by DoubleVerify’s specialist Fraud Lab after it noticed a 40 percent spike in traffic to its servers from connected TVs. Fraud Lab uses a mix of manual methods and machine learning processes in order to conduct its investigations, and said the botnet it discovered was the first its found in a Connected TV environment.

Botnets refer to armies of devices, traditionally computers, that have been infected with malware so they can be hijacked for nefarious purposes. In most cases, the botnets purport to be genuine users whom advertisers pay to be able to reach with their online advertising.

The botnet was apparently designed to generate fraudulent impressions in order to trick those advertisers. It worked by spoofing genuine publisher URLs before sending fake signals that the ad server believed were from real CTV devices.

DoubleVerify’s Fraud Lab later analysed this fake traffic and found that around two thirds of the false impressions appeared to come from Smart TVs, with the remainder purporting to come from video games consoles.

Wayne Gattinella, DoubleVerify’s chief executive officer, said in an interview with Business Insider that the real news wasn’t the botnet itself, as these are all too common, but rather the means of delivery – connected TV devices seem to be new territory, he explained.

Nevertheless, the discovery doesn’t come as much of a surprise, given the rapid growth of connected TVs and video streaming services. According to the Video Advertising Bureau, around half of all Internet users access online video subscription services on a weekly basis. Meanwhile, another 49 percent use network TV apps such as Netflix just as regularly.

Those numbers mean that connected TVs are a tempting target for fraudsters looking for new ways to cheat advertisers out of their money. Juniper Research says the industry is expected to lose a whopping $19 billion due to fraudulent clicks this year, and so the largely untapped connected TV space is ripe for abuse given how lucrative the ‘industry’ is.

DoubleVerify, whose services include shielding advertisers from this kind of fraud, said it took immediate action to protect its customers from the botnet.

“We are continuously executing independent checks of both environment cues and hardware to verify the authenticity of signals and identify discrepancies that point to falsification,” Roy Rosenfeld, Head of DoubleVerify’s Fraud Lab, said