|
|
| Line 1: |
Line 1: |
| − | '''3ve''' is a ring of hackers that presented themselves as legitimate companies delivering advertisements to real human Internet users accessing real Internet webpages. This group of [[BGP]] hijackers<ref>[https://www.cloudflare.com/en-gb/learning/security/glossary/bgp-hijacking/ BGP Hijacking, CloudFlare Glossary]</ref> faked users and webpages by programming computers they controlled to load advertisements on fabricated webpages via an automated program. | + | {{People |
| | + | |country=France |
| | + | |website=http://www.coe.int/media-dataprotection |
| | + | |linkedin=http://www.linkedin.com/in/etheth |
| | + | |portrait=ElvanaThaciPortrait.JPG |
| | + | |caricature=ElvanaThaciCaricature.jpg |
| | + | }} |
| | + | '''Elvana Thaçi''' is Administrator at the Directorate General of Human Rights and Legal Affairs for the Information Society, Media & Data Protection Department at the Council of Europe, where she focuses on Internet-related policy. Her interests lie in the protection of human rights and fundamental freedoms, such as the freedom of expression, privacy, the freedom of association, and democracy, as they relate to the internet.<ref>[[ICANN 40]] Interview</ref> |
| | | | |
| − | ==History==
| + | She is a [[GAC]] Observer.<ref>[http://gac.icann.org/gac-observers/ms-elvana-tha%C3%A7i-0 GAC]</ref> |
| − | ===Ad Network #1===
| |
| − | From September 2014 to December 2016, 3ve ran Ad Network #1, also known as "Methbot."<ref>[https://www.justice.gov/usao-edny/pr/two-international-cybercriminal-rings-dismantled-and-eight-defendants-indicted-causing The Datacenter-Based Scheme (Methbot), U.S. DoJ News]</ref> In this scheme, 3ve had business arrangements with advertising networks whereby it received payments in return for placing advertising placeholders (“ad tags”) on websites. 3ve rented more than 1,900 computer servers housed in commercial data centers mainly in Dallas, Texas, and Germany for loading ads on fabricated websites and spoofing over 5,000 domains. The hackers then programmed the data center servers to simulate humans browsing the internet through fake browsers, using fake mouses to move around and scroll down webpages, using video players, and appearing to be signed into [[Facebook]]. 3ve also leased over 650,000 [[IP address]]es, which were assigned the data center servers and registered as residential computers belonging to individual subscribers to various [[ISP|internet service providers]]. 3ve falsified billions of ad views and received over $7 million.
| |
| | | | |
| − | ===Ad Network #2=== | + | ==References== |
| − | From December 2015 to October 2018, 3ve ran "Ad Network #2."<ref>[https://www.justice.gov/usao-edny/pr/two-international-cybercriminal-rings-dismantled-and-eight-defendants-indicted-causing The Botnet-Based Scheme (3ve.2 Template A), U.S. DoJ News]</ref> In this scheme, the hackers used a global [[Botnet Attacks|botnet(work)]] of computers infected with the [[Malware]]s known as [[Kovter]] and [[Boaxxe]]. 3ve used command-and-control servers to direct and monitor infected computers and check whether each one had been flagged by [[Cybersecurity]] companies. The hackers accessed more than 1.7 million infected computers that belonged to ordinary individuals and businesses around the world. They were able to use hidden browsers to download fabricated webpages and load ads, which ran in the computers' backgrounds. Through Ad Network #2, the hackers were able to falsify billions of ad views and receive more than $29 million.
| + | {{reflist}} |
| | | | |
| − | ===Ads.txt Development===
| |
| − | At the end of 2016, [[IAB Tech Lab]] began developing [[Ads.txt]], which it released in late June 2017, for filtering out unauthorized sellers of a publisher’s inventory,<ref>[https://www.adexchanger.com/ad-exchange-news/domain-spoofing-gone-ads-txt-will-filter-imposter-sites/ Domain Spoofing be Gone, Ad Exchanger]</ref> as the FBI gathered evidence to build its case.<ref>[https://www.adexchanger.com/online-advertising/how-ads-txt-took-down-3ve-as-the-fbi-took-down-its-creators/ How Ads.txt Took Down 3ve, Ad Exchanger]</ref>
| |
| | | | |
| − | ===U.S. Federal Indictments===
| + | [[Category:GAC]] |
| − | On November 27, 2018, with the help of Europol, [[Interpol]], and the governments of Malaysia, Bulgaria, Estonia, Germany, the Netherlands, France, Switzerland, and the U.K., Richard P. Donoghue (United States Attorney for the Eastern District of New York), William F. Sweeney, Jr. (FBI), and James P. O’Neill (Commissioner, NYPD) announced 13 counts of indictment in a U.S. federal court in Brooklyn charging Russians [[Aleksandr Zhukov]], [[Boris Timokhin]], [[Mikhail Andreev]], [[Denis Avdeev]], [[Dmitry Novikov]], [[Sergey Ovsyannikov]], [[Aleksandr Isaev]], and Kazakhstani [[Yevgeniy Timchenko]] with widespread digital advertising fraud, wire fraud, computer intrusion, aggravated identity theft, and money laundering.<ref>[https://www.justice.gov/usao-edny/pr/two-international-cybercriminal-rings-dismantled-and-eight-defendants-indicted-causing 3ve Indictment Summary, U.S. DoJ News]</ref> Seizure warrants authorizing the FBI to take control of 31 domains and multiple international bank accounts mainly in Switzerland and search warrants authorizing the FBI to take information from 89 computer servers that were part of the infrastructure for the [[Botnet Attacks|botnets]] engaged in the criminal activity. The FBI worked with private sector partners, such as [[Google]]<ref>[https://security.googleblog.com/2018/11/industry-collaboration-leads-to.html Industry collaboration Industry collaboration leads to takedown of the “3ve” ad fraud operation, Google Security Blog]</ref> and [[WhiteOps]],<ref>[https://resources.humansecurity.com/home/the-hunt-for-3ve The hunt for 3ve, WhiteOps]</ref> to redirect traffic going to the domains by engaging in [[DNS sinkholing]].
| |
| − | | |
| − | ==References==
| |
Elvana Thaçi is Administrator at the Directorate General of Human Rights and Legal Affairs for the Information Society, Media & Data Protection Department at the Council of Europe, where she focuses on Internet-related policy. Her interests lie in the protection of human rights and fundamental freedoms, such as the freedom of expression, privacy, the freedom of association, and democracy, as they relate to the internet.[1]
She is a GAC Observer.[2]
References
Elvana Thaçi
