Information Security, Top News

​Google, Yahoo, Facebook Collaborate to Blacklist Bad Bots



The major tech companies including Google, Facebook, and Yahoo! have joined their hands to launch a new program meant to block fake web traffic by blacklisting flagged IP addresses.

Today, majority of data center traffic is non-human or illegitimate, so to fight against this issue the Trustworthy Accountability Group(TAG) has announced a program that will tap into Google’s internal data-center blacklist to filter bots.

The new pilot program will reject traffic from web robots or bots by making use of a blacklist, cutting a significant portion of web traffic from within data centers, said Google Ad Manager Vegard Johnsen.

Google or any other big tech firm maintains a Blacklist that lists suspicious IP addresses of computer systems in data centers that may be trying to trick the human into clicking on advertisements. Google’s DoubleClick blacklist alone blocked some 8.9% of data-center trafficback in May.

Facebook and Yahoo to Contribute

Apart from Google, TAG’s new program will take help from other industry leaders, including Facebook, Yahoo, Dstillery, MediaMath, Quantcast, Rubicon Project and TubeMogul, to share their own internal data-center blacklists.

“By pooling our collective efforts and working with industry bodies, we can create strong defenses against those looking to take advantage of our ecosystem,” Johnsen said in a blog post.“We look forward to working with the TAG Anti-fraud working group to turn this pilot program into an industry-wide tool.”



Click fraud have become a major issue for big companies as it steals money from advertisers and reduces faith in online campaigns.

Fraudsters are making Millions

Some publishers even run specialized tools in data centers that generate fraudulent ad impressions to inflate user clicks.Two such tools are listed below:

UrlSpiritHitLeap

UrlSpirit is a software that serves as a form of botnet. Named URLs are distributed among Internet Explorer (IE) instances running on most of the data center boxes that operate UrlSpirit.

The search engine giant discovered nearly 6,500 installations of UrlSpirit generating 500 Million fake ad requests or an average of 2,500 ad requests per installation per day.

On the other hand, HitLeap is another software that uses the Chromium Embedded Framework, instead of Internet Explorer.

HitLeap is larger with 4,800 installations network of which 16% are operating in data centers.

Mike Zaneis, Trustworthy Accountability Group’s chief executive, declared its new pilot program would also tackle fraudulent advertisements.

“This program is another piece of the interlocking set of solutions TAG is building to fight fraud across the entire ecosystem,” says Zaneis. “The industry is galvanizing its efforts and we will win the war against fraud.”



TAG will soon release a set of principles for online users comments that will be then incorporated into the final pilot program. The ad fraud detection tool will be available to the public by the end of 2015.



Previous ArticleNext Article

Founder and Editor-in-Chief of ‘Professional Hackers India’. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.

Leave a Reply