Malvertising and ad fraud often seem like two sides of the same coin, and this recent campaign shows how the tactics of the former can fuel the latter.
Dubbed VidLox-3pc (VidLox), this malware-driven ad fraud campaign uses a fake creative—typically repeating the logo of well-known social, gaming, or streaming apps—and injects multiple tracking URLs to generate at least 25 non-viewable impressions for in-app video ad campaigns. The fake impression reporting is delivered to at least 10 demand and supply side platforms (DSP, SSP). The campaign relies on extensive obfuscation to successfully bypass creative blockers in multiple app environments to divert ad spend from legitimate AdTech and publishers.
Download: VidLox technical analysis
Download