Newly-uncovered bot network HyphBot generated up to $1.3m a day in fraudulent ad traffic

Adform has uncovered ‘HyphBot’, an ad fraud operation generating fake traffic on over 34,000 domains – making it one of the largest bot networks ever seen in digital advertising.

Active through at least 14 different exchanges and SSPs, Hyphbot has been generating up to 1.5bn daily requests. The traffic comes from a network of over 500,000 IP addresses, primarily in the US.

The fake domains tricked advertisers into thinking they were buying inventory from premium publishers like CNN, the Wall Street Journal and Financial Times.

The bot-generated traffic on these domains was mostly focused on video inventory, due to the higher price of video ads over display. Depending on CPMs, Adform estimates that HyphBot could have taken as much as $1.3m (£1m) in a single day.

Adform’s report suggests a number of solutions to help the industry beat HyphBot.

“DSPs and SSPs should check their data warehouses for the patterns highlighted and they should also investigate requests from cookies that visited those patterns,” it reads. “In addition to this, they should contact all networks that are sending traffic from these patterns. If networks are not transparent about their source, we suggest you shut them down. There needs to be a real cost of doing business with fraudulent players.”

It also says that much of the fraudulent traffic could have been avoided using the IAB Ads.txt initiative, which uses lists of authorised domains for analysis and filtering.