Latest news with #HUMAN
Forbes
17-04-2025
- Business
- Forbes
Apollo Exposed: What 400M Fake Ad Requests Reveal About Fraud
Audio advertising is booming. With programmatic audio spend projected to surpass $2 billion in 2025, it's become one of the most promising—and vulnerable—channels in digital media. Where innovation leads, cybercrime follows. And the recent Apollo operation uncovered by HUMAN and The Trade Desk is a case study in just how sophisticated, and damaging, that fraud can be. At its peak, Apollo accounted for 400 million fraudulent bid requests per day, making it the largest audio-related ad fraud scheme ever detected. But what makes Apollo especially troubling isn't just the scale—it's how convincingly it mimicked legitimate traffic, exploited supply chain blind spots, and leveraged malware-infected CTV devices to obscure its origin. I spoke with Will Herbig, senior director for AdTech Fraud Research & Strategic Customer Analytics at HUMAN, about the research. He explained that Apollo preyed on a fundamental weakness in server-side ad insertion, the technology used to serve seamless audio and video ads without interrupting user experience. With SSAI, advertisers receive limited telemetry—often just a user-agent string and an IP address—making it an ideal environment for spoofing. Fraudsters behind Apollo reverse-engineered the ad request flows of legitimate apps, replicating their formats to impersonate real audio ad inventory. They even spoofed apps that shouldn't have been serving audio at all. 'One of the things that sparked this investigation was the question of, why are puzzle apps serving audio ads?' Herbig told me. 'At least in my experience, it's uncommon that a puzzle app or something like that is going to serve an audio ad.' It was a subtle anomaly—but it set off a cascade of deeper analysis that ultimately exposed Apollo's intricate fabrication tactics. Apollo's traffic wasn't generated by infected devices in the traditional sense. Instead, bid requests were fabricated wholesale—generated by script, spoofed to resemble real devices, and funneled through residential proxies to mask their true data center origins. Herbig emphasized that the scale Apollo operated at generated traffic equivalent to a the traffic of a mid-sized city like Stamford, Connecticut. That scale was achieved in part thanks to BADBOX 2.0, a botnet of over a million compromised connected TV devices. Apollo traffickers leveraged BADBOX to route requests through residential IPs, making the traffic appear legitimate and difficult to trace. HUMAN had previously disrupted BADBOX, but its infrastructure was clearly still being exploited. By layering spoofed app identities, forged device configurations, and residential proxy evasion, Apollo's operators built a fraud operation that slipped through many traditional defenses. The real damage, however, was in how Apollo exploited programmatic advertising's fragmented supply chain. Many platforms only validate the final seller in a transaction—a check that Apollo often passed. But those 'authorized' sellers were frequently several layers removed from the spoofed origin. 'There can be non-compliance in earlier parts of the supply chain, and then as you get to later parts, things look valid,' Herbig said. 'Many implementations of these supply chain standards are only checking the last place that came from, so everything that happened before that is kind of out of scope.' This phenomenon—what HUMAN refers to as 'supply chain convergence'—allows spoofed inventory to piggyback on authorized reseller pathways, creating a false sense of legitimacy. It's a loophole that remains dangerously under-policed in today's real-time bidding ecosystem. HUMAN didn't just uncover Apollo—they helped dismantle it. Leveraging a predictive pre-bid scoring engine and an aggressive response strategy, the company saw a 99% reduction in Apollo-associated traffic across its platform. 'We are effectively demonetizing this supply,' Herbig said. 'By reducing the amount of bids that this inventory is getting… we're making it harder and harder for fraudsters to profit.' The broader goal, Herbig explained, is to make ad fraud uneconomical at scale. Each operation disrupted increases the operational cost for cybercriminals. Every layer of complexity—whether it's a disrupted proxy network, stricter supply chain checks, or tighter SDK enforcement—raises the barrier to entry. One of the strongest weapons against operations like Apollo isn't just technology—it's collaboration. HUMAN has leaned heavily into this strategy through its Human Collective, a multi-stakeholder initiative aimed at threat sharing and collective protection. According to Herbig, 'One of the great things we're doing is threat sharing. When we are observing concentrations of IBT, we are discussing that with the Human Collective, and we're using it as a forum for collaboration and a forum for discussion.' By sharing intelligence, surfacing patterns, and coordinating responses, HUMAN and its partners are creating a ripple effect across the programmatic ecosystem. The goal isn't to eliminate fraud entirely—it's to tip the cost-benefit equation against the fraudsters. As Herbig put it, 'We're trying to disrupt the economics of cybercrime… to the point that it becomes not worth it.' Apollo is a milestone—not just in the scope of audio ad fraud, but in how the industry responds to it. The findings call for stronger adoption of third-party verification tools like the Open Measurement SDK, more rigorous end-to-end supply path validation, and above all, tighter industry-wide collaboration. Audio may be one of the newest frontiers in ad fraud, but it doesn't have to be the most vulnerable. With vigilance, transparency, and cooperation, the industry has a fighting chance to turn down the noise and restore trust in programmatic audio.
Yahoo
18-03-2025
- Business
- Yahoo
HUMAN Sightline Revolutionizes Bot Management with AI-Enhanced Insights to Detect, Isolate, and Track Attackers
An industry-first, HUMAN Sightline helps security teams save investigation hours, facilitate actionable communication with stakeholders, and enhance decision-making on individual automated threats HUMAN Sightline Revolutionizes Bot Management with AI-Enhanced Insights to Detect, Isolate, and Track Attackers NEW YORK, March 18, 2025 (GLOBE NEWSWIRE) -- HUMAN Security, Inc., a leading cybersecurity company committed to safeguarding every step of the customer's online journey by defending against bots, fraud, and digital risk, announced today HUMAN Sightline, an innovative suite of capabilities that detects, isolates, and tracks individual bot profiles. HUMAN Sightline enables security teams to conduct faster investigations and optimize their response to evolving threats in the era of AI. This fundamentally transforms bot management by delivering never-before-seen insights into automated traffic. 'The bot mitigation landscape is swiftly evolving with the proliferation of AI-generated threats, and the industry can no longer rely on last-gen methods to detect and investigate next-gen threats,' 'Bots are becoming more sophisticated, and organizations must respond with advanced detection techniques to protect their business and drive security optimization strategies at scale. With HUMAN Sightline, we are putting data-driven investigation tools straight into the hands of our customers and their security teams.' With HUMAN Sightline, customers can isolate individual attacker profiles and uncover what each one is doing in granular detail. HUMAN's secondary detection engine analyzes all automated activity on an application and segments it into distinct profiles, going beyond simple anomaly detection or basic signature mapping. Using sophisticated data modeling, HUMAN Sightline identifies and tracks nuanced shifts in bot behavior as they occur. This enables security analysts to see the activity of individual bot profiles over time, as well as their sophistication, capabilities, and the specific factors that distinguish them from humans and other bots on the application. "The responsibility of security is making decisions, and HUMAN Sightline helps us make decisions," said Omri Lotan, Site Reliability Engineer at Fiverr. "Of course, we want to block bots, but when a tool just blocks bots without explaining why, I still have to investigate it. HUMAN Sightline gives me all the details I need to understand what exactly a bot was doing and why it was blocked. I can zero in on specific threat behaviors and turn these learnings into targeted mitigation strategies." HUMAN Sightline offers three key benefits that revolutionize bot management: Focus and accelerate investigations: Surfaces distinct bot activities, attack paths, and changing behaviors, such as bots targeting specific products or visiting select pages at a glance. Security teams can then uncover hidden patterns and zero in on key attacks, transforming their investigative capabilities. Translate attack data into a board-ready threat narrative: Allows teams to present business-level visualizations of bot behavior and show the effect of their actions over time. This empowers security teams to lead with data-backed authority, bridging the gap between deep technical analysis and business actions. Optimize your security strategy for your unique threats: This enables security teams to gain unprecedented clarity on each attacker's actions and intent to define threat priorities. This real-time adaptability empowers security teams to proactively identify new threat patterns, respond faster, and stay agile against evolving risks. 'HUMAN Sightline completely transforms how the industry thinks about bot management,' said Bryan Becker, Senior Director of Project Management at HUMAN. 'In an industry used to anomaly detection as the only way to measure bot attacks, HUMAN Sightline isolates each bot profile to give security practitioners unprecedented visibility into the behavior of specific threats on their application." HUMAN Sightline insights will be available through a new set of dashboards in HUMAN's Application Protection package. They will also be available in Account Takeover Defense and Scraping Defense at no additional cost. About HUMANHUMAN is a leading cybersecurity company committed to protecting the integrity of the digital world. We ensure that every digital interaction, transaction, and connection is authentic, secure, and human. Our Human Defense Platform safeguards the entire customer journey with high-fidelity decision-making that defends against bots, fraud, and digital threats. Each week, HUMAN verifies 20 trillion digital interactions, providing unparalleled telemetry data to enable rapid, effective responses to even the most sophisticated threats. Recognized by our customers as a G2 Leader, HUMAN continues to set the standard in cybersecurity. To ensure your digital connections are trusted, visit Contact information:Masha Krylova, Director of A photo accompanying this announcement is available at in to access your portfolio
