A federal indictment charged eight individuals with perpetrating widespread digital advertising fraud that cost businesses millions of dollars.
On 27 November, a federal court in Brooklyn unsealed the indictment charging Aleksandr Zhukov, Boris Timokhin, Mikhail Andreev, Denis Avdeev, Dmitry Novikov, Sergey Ovsyannikov, Aleksandr Isaev and Yevgeniy Timchenko with wire fraud, aggravated identity theft and other criminal violations. The indictment also authorized the FBI to seize 31 internet domains and extract data from 89 computer servers operated by the defendants.
According to court documents, the defendants operated two criminal operations. The first took place between September 2014 and December 2016 when Zhukov, Timokhin, Andreev, Avdeev and Novikov with Ovsyannikov’s assistance carried out a digital advertising fraud scheme using a purported ad network. They perpetrated this ruse by renting 1,900 servers in commercial data centers to load ads on fake websites. They then programmed the data centers to simulate human web users’ activity and make it look like these users were viewing the ads. In so doing, the defendants falsified billions of ad views and cost businesses $7 million for ads which no human user ever viewed.
The second operation occurred between December 2015 and October 2018 when Ovsyannikov, Timchenko and Isaev used a botnet of computers infected with Kovter, a threat which has been active in malspam campaigns over the years, to perpetrate digital advertising fraud. They did so by using hidden browsers on 1.7 million infected computers to load ads on fabricated websites. This activity cost businesses $29 million.
William F. Sweeney, Jr., Assistant Director-in-Charge of the FBI at the New York Field Office, feels the charges set out in the indictment are justified given the schemes’ financial consequences for businesses. As quoted in a Department of Justice statement:
As alleged, these individuals built complex, fraudulent digital advertising infrastructure for the express purpose of misleading and defrauding companies who believed they were acting in good faith, and costing them millions of dollars. This kind of exploitation undermines confidence in the system, on the part of both companies and their customers. Thanks to the hard work of our legal attachés and law enforcement partners overseas, with the cooperation of our international and U.S.-based private sector partners, the defendants will face justice for their alleged crimes.
Following Ovsyannikov’s arrest in Malaysia, federal law enforcement partnered with authorities around the world to sinkhole 23 web domains used by the botnet and to seize bank accounts associated with the scheme. These efforts ultimately led Bulgarian authorities to arrest Zhukov and Estonian officers to arrest Timchenko in November 2018. Those two individuals currently await extradition to the United States.
At this time, the remaining defendants are still at large.