Scallywagged! How WordPress Plugins Fueled a Billion-Request Ad Fraud Scheme
Scallywag, an ad fraud operation, used WordPress plugins to monetize pirating sites, generating billions of fake ad requests. HUMAN’s intervention shrank Scallywag by 95%, but the operators remain persistent. These WordPress ad fraud plugins lowered the entry barrier for cybercriminals, with some even sharing tutorials on YouTube for potential fraudsters.
Hot Take:
When you hear “Scallywag,” you might think of a mischievous rogue, but in the world of ad fraud, it’s more like a digital pirate with a penchant for WordPress plugins and a billion-dollar mischief plan! HUMAN, the proverbial swashbuckling hero, pulled off a modern-day ‘pirates of the interwebs’ takedown, sending Scallywag’s fraudulent empire sinking faster than a pirate ship with a cannonball hole. Avast, ye digital seas are a tad safer today!
Key Points:
- Scallywag is a massive ad fraud operation using WordPress plugins, peaking at 1.4 billion fake ad requests daily.
- HUMAN, a bot and fraud detection firm, identified 407 domains supporting Scallywag and reduced its activity by 95%.
- The operation leverages plugins like Soralink, Yu Idea, WPSafeLink, and Droplink to generate cash from low-quality sites.
- Scallywag uses a redirection process to create ad impressions, fooling ad platforms with cloaked WordPress sites.
- Despite its collapse, Scallywag’s operators are expected to adapt and find new ways to resume their fraudulent activities.