Connect with us

The Online Technology

Malvertiser behind 100+ million bad ads indicted in the US – Naked Security

Security Watch

Malvertiser behind 100+ million bad ads indicted in the US – Naked Security


The Netherlands has extradited a Ukrainian man to the US to face charges of taking part in a multi-year, international malvertising campaign in which conspirators allegedly attempted to smear malware onto victims’ computers on more than 100 million occasions.

31-year-old Oleksii Petrovich Ivanov was indicted in a court in Newark, New Jersey, on Friday, according to the US Justice Department.

He’s facing one count of conspiracy to commit wire fraud, four counts of wire fraud, and one count of computer fraud. Dutch police have had Ivanov since his arrest on 19 October 2018, after an international investigation led by the US Secret Service in coordination with Dutch law enforcement. Indicted on 3 December 2018, Ivanov arrived in the US last Thursday and has been detained without bail.

A plate of bogus fed to online ad platforms

According to the indictment, between around October 2013 and on through May 2018, Ivanov and a group of unnamed accomplices allegedly launched online advertising campaigns that came off as legit but which tried to direct unsuspecting visitors toward malware, unwanted ads, and on to other computers that could install malware.

He and his co-conspirators allegedly hid behind fake online personas and phony companies to place ads on third-party sites, such as shopping, news, entertainment, or sports websites. Ivanov and his buddies allegedly told advertising companies they were distributing ads for real products and services and even cooked up false banners and websites showing purported ads. Those advertisements purchased by the ad companies were, however, used to push malware out onto the computers of whoever viewed or clicked on them.

The indictment gave this example of the malvertising campaigns: in June and July 2014, Ivanov allegedly posed as “Dmitrij Zaleskis,” CEO of a fake UK company called “Veldex Limited” to submit a series of malvertisements to an unnamed, US-based internet advertising company for distribution. Two of the campaigns, submitted on 15 July 2014, racked up about 17,328,129 impressions in a matter of days.

Hey, your ads are being flagged as malware, the ad company told Ivanov – repeatedly. He allegedly denied any wrongdoing and talked the company into continuing to run the malverts – for months.