Hey, leave the bots alone!
Somebody has to click on those adverts and make advertisers happy.
A web analytics firm has sniffed out a botnet that was raking in $6m a month from online advertisers. The so-called Chameleon botnet mimicked human visitors on select websites, causing billions of display ad impressions to be served to compromised machines. As many as 120,000 infected drones have been discovered so far. Almost …
Lol: "to identify deviant consumption of display advertising media."
Deviant as skewed, but not as "having bothered to entertain the advert"....
As Spock would say, "Sophisticated in their methods..."
Now, i am sure that the botnet writers will just make sure their bots crash more gracefully and more virtually, not taking down whole machines and causing them to re-request an IP, which by time lag, would be easy to pick if an investigative team had permission to dig into target domains and subnetss....
It dependes - the publisher might be buying what they think is legitimate traffic for their site, but is in fact fraudulent. (If you're wondering how you can 'buy' traffic for your site, that's what companies like Outbrain are doing when they put lists of links on publisher pages). That's the only case in which I think the publisher might be considered an innocent victim.
They also own the sites which host the adverts, or have an agreement with the owners. In other words, they publish the ads, and their botnet then clicks the ads. The advertiser pays the network (Google, for example) something in the region of 10c - 50c for the botnet's click, and Google pays the site owner some percentage of this. Great work if you can get it.