DoubleVerify (“DV”), a leading software platform for digital media measurement, data and analytics, has announced that it has confirmed seven fraud schemes targeting CTV devices over the past 18 months are part of one large, coordinated fraud scheme family, identified as OctoBot.
Since November 2019, the seven variants in the OctoBot scheme have generated billions of ad calls and spoofed thousands of apps and millions of devices — all with the intention to defraud advertisers out of millions in revenue. DV, however, has continued to protect customers throughout the iterations of this fraud family.
DV caught the most recent variant of OctoBot in February and shut it down within 24 hours. This latest variant exhibited similar behavior to a series of schemes DV has been blocking and tracking since November 2019. Two notable variants within the OctoBot scheme includeMultiTerraandSneakyTerra, which were first identified by DV last year. MultiTerra is estimated to have had a $1M/month impact in diverted spend, and SneakyTerra is estimated to have had a $5M/month impact.
“We’ve been seeing fraudsters aggressively target the CTV space, but the OctoBot fraud scheme family, with its multiple tentacles, is unprecedented,” said Mark Zagorski, Chief Executive Officer at DV. “OctoBot displays a high degree of ingenuity in its evolving approach— with each variant operating in a unique manner. Our Fraud Lab, however, ultimately was able to detect common behaviors and traffic patterns that enabled us to identify the interrelationship between these seemingly dissociated approaches.”
DV’s Fraud Lab — powered by a dedicated team of data scientists, mathematicians and researchers — performs ongoing detection and analysis of new types of digital ad fraud to uncover the latest schemes as they occur. In an attempt to avoid DV’s rapid detection, this family of schemes repeatedly evolved, and were repeatedly shut down by DV. To identify the link between the OctoBot variants, DV performed a months-long analysis of trillions of ad impressions and auctions, reverse engineering dozens of applications, and conducting significant open source intelligence (OSINT) operations.