Summary: A significant ad fraud scheme named ‘Scallywag’ has been exploiting pirating and URL shortening sites via illicit WordPress plugins, generating up to 1.4 billion fraudulent ad requests daily. Detected by the firm HUMAN, the operation has shrunk by 95% due to proactive measures, but the threat persists as operators seek new revenue streams. The fraudulent plugins lower entry barriers for cybercriminals, promoting a cycle of ad fraud fueled by tutorials and easy-to-use tools.
Affected: WordPress ecosystem, ad providers, and users accessing pirated content
Keypoints :
- Scallywag’s fraud operation involves four WordPress plugins that facilitate ad fraud on risky sites.
- The operation was identified by HUMAN through abnormal traffic patterns and malpractices in redirection.
- Despite a significant reduction in activity due to detection efforts, operators are adapting and may reemerge in the ad fraud landscape.