
A Malvertising Campaign of Secrets and Lies - gcb0
https://research.checkpoint.com/malvertising-campaign-based-secrets-lies/
======
gcb0
good research but silly hypothesis on the "conclusion". if any money was going
from malware advertisers to master134 (the entity hacking wordpress blogs to
make them show ads), they would show the "ads" directly without all those
middle mans.

more likely the adnetwork and the resellers know very well the traffic and
advertisers are malicious. but they are "partners" and want a share of this
revenue. probably they even came up with the scheme, and not the bad actors.

adterra flag both the bad sites and bad ad campaigns either explicitly as
criminal or via some misleading unique tag that will never be used, save to
mark players in this scam.

now malware advertisers pay AdTerra and its resellers like every other
advertiser. And adterra shows their ads on the tainted inventory. and pay the
"owner" of the inventory, master134.

