News

Methbot botnet manager sentenced to 10 years in prison

Russian Alexander Zhukov, who ran the huge advertising botnet Methbot and called himself the “king of fraud”, was sentenced to 10 years in prison in the United States.

The verdict ends a story that has lasted for many years. So, back in 2018, Zhukov, who actively bragged about the money he earned online and called himself the “king of fraud”, was arrested in Bulgaria and extradited to the United States. Let me remind you that Zhukov was the head of the huge fraudulent advertising network Methbot, which has been operating since at least 2014, and about which we have repeatedly talked about it.

In essence, Zhukov and his associates created a fake ad network that advertisers used for their ad campaigns. However, instead of displaying ads on real sites, the scammers rented more than 2,000 servers in data centers that they configured to act as web servers and serve ads to their “customers.” These servers were then configured to mimic the activity of live people viewing the page, including displayed ads.

The scale of this botnet is well illustrated by the fact that in the summer of this year, following a trial, Zhukov was found guilty of fraud with brands, advertising platforms and other businesses in the amount of more than $ 7,000,000.

Methbot was one of the largest botnets in history and generated $ 3 to $ 5 million in revenue per day in 2016, according to Symantec. Zhukov kept 75% of this profit for himself, calling himself “the king of fraud”, and his employees – “my developers.”

The court documents state that Zhukov not only hired programmers to help him build and manage a botnet (all this was disguised as a legitimate advertising network Media Methane), but also personally programmed imitation of human activity: bots “browsed” the Internet, scroll through web pages, start and stop video players. Investigators said Zhukov rented more than 650,000 IP addresses and registered them in the names of large telecommunications companies to make it appear as if the traffic was coming from real people.

At its peak, according to Google, Methbot generated more than three billion fraudulent ad requests every day. He also used more than 60,000 accounts selling fake page views, operated roughly 10,000 fake sites to serve ads, had over 1,000 servers, and controlled over a million IP addresses to hide his bot activity.

According to a report by White Ops (now called Human), the scheme was primarily focused on video ads, which generated higher revenue per view.

It was previously reported that the victims of the botnet included The New York Times, The New York Post, Comcast, Nestle Purina, Texas Scottish Rite Hospital and Time Warner Cable.

Zhukov has maintained his innocence since his arrest and declared his innocence in court in 2019. He claimed to have developed AI tools for running a “completely legal” advertising business. In the same year, he asked the judge in charge of his case to appoint a new attorney, writing in the petition:

I am an unarmed soldier in front of a tank named FBI.
This week he was sentenced to 10 years in prison and ordered to pay $ 3,827,493.

Let me remind you that we also talked about TrickBot developer Vladimir Danaev being extradited to the USA.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Kurlibat.xyz pop-up ads (Virus Removal Guide)

Kurlibat.xyz is a site that tries to trick you into clik to its browser notifications…

3 hours ago

Remove Initiateintenselyrenewedthe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyrenewedthe-file.top is a domain that tries to trick you into clik to its browser notifications…

3 hours ago

Remove Wotigorn.xyz pop-up ads (Virus Removal Guide)

Wotigorn.xyz is a site that tries to force you into subscribing to its browser notifications…

3 hours ago

Remove Initiateintenselyprogressivethe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyprogressivethe-file.top is a domain that tries to force you into clik to its browser notifications…

3 hours ago

Remove Nuesobatoxylors.co.in pop-up ads (Virus Removal Guide)

Nuesobatoxylors.co.in is a domain that tries to trick you into subscribing to its browser notifications…

7 hours ago

Remove Helistym.xyz pop-up ads (Virus Removal Guide)

Helistym.xyz is a site that tries to force you into clik to its browser notifications…

7 hours ago