An unknown criminal group has created a “technically complex” construct of bogus websites and video streaming platforms that scammed Google Ads users and made at least $1.2 million a month for more than a year, experts have revealed.
A report by cybersecurity researchers Malwarebytes and Deepsee analyzed an illegal video streaming operation and discovered a complex and creative way the authors made their living.
They called the operation DeepStreamer, which operated around a website called mikerin, which the pair found loaded ads “deep beneath the content of” a separate website called moviesjoy.
Hide the ads in plain sight
Moviesjoy was the streaming website that offered its visitors free HD movies and TV series with “absolutely zero ads” on the site. “As soon as you hit the play button, you can start streaming right away, without any interruptions in between,” the site claims.
However, the ads were there – they were just embedded and hidden. What the researchers discovered was a trick in which advertisements from “seemingly ordinary websites” were loaded onto the movie site, but were not shown anywhere.
The legitimate websites are embedded and hidden within the page via iFrames, the researchers found, while the users viewing the video content were completely unaware of their existence.
A total of four Google ads would load per page. The page reloaded from time to time, showing new ads.
However, it is not the users and visitors of the illegal website who are being scammed here. It’s Google Ads users, the ones who pay Google to show their ads to relevant audiences, who aren’t getting their money’s worth. While you could argue that the pirates tried too hard and could have just shown the ads to their visitors, the researchers said Google probably wouldn’t allow it.
Furthermore, “there is no way that legitimate advertisers (i.e. those who would pay more) would accept traffic coming from a site that offers pirated movies,” they concluded.
- Here’s our rundown of the 3 (opens in new tab) straight away