Digital Advertising

Adform claims to have discovered the largest bot network, generating over 1.5 billion requests a day

By Stephen Lepitak | -

November 21, 2017 | 4 min read

What is claimed to be the largest bot network ever has been discovered by Adform, which it has said was possibly four times the size of the Methbot network unearthed less than a year ago and accessing over half a million IP addresses, mainly located in the US.

The fraud team at the adtech firm has released a report explaining how it discovered the network, which it named HyphBot, and added that it thought the impact on its platforms were limited to under $1,000 a month.

According to the report, the network was discovered using Adform’s algorithms and analytics and was generating up to 1.5 billion requests each day across 34,000 domains, which included premium publishers, and was targeting over 1 million URLs.

Credit: Pixabay

Adform claims to have found the largest bot network

Adform explained that it had identified how the network was able to gain access to details of its operation and had accessed parts of its source code in order to understand how the premium sites were ‘faked’ and where ads were displayed.

The inventory targeted was predominantly video at 1,578,765,000 requests, with the primary activity having begun in August and may have amounted to almost $1.5m in header bidding spend.

The latest marketing news and insights straight to your inbox.

Get the best of The Drum by choosing from a series of great email briefings, whether that’s daily news, weekly recaps or deep dives into media or creativity.

Sign up

“We have access to the IPs of data centers where those servers are hosted. We also have direct access to advertising tags that are placed directly in the source code. This means [that] we have information on where exactly the bid requests originate from,” the company also claimed.

By country, the US generated 1,787,729,200 requests, while the UK drew 6,830,100, Canada saw 2,432,800 and India had 1,018,100.

Adform advised demand- and supply-side platforms (DSPs and SSPs) to check for patterns highlighted within the report within their data warehouses and investigate cookie requests from those who visited within those patents, and to shut down any non-transparent source.

“There needs to be a real cost of doing business with fraudulent players,” it added before advising to block any cookies found to be infected and to enforce ads.txt

Digital Advertising

More from Digital Advertising

View all


Industry insights

View all
Add your own content +