CTV malware costing advertisers US$6 million per month identified

A prolific CTV advertising fraud scheme dubbed ‘SmokeScreen’ has been curbed by a New York software company.

The SmokeScreen fraud allowed screensavers to hijack CTV devices to generate impressions, even when the screen is off. 

The malware was delivered via a fraudulent screensaver application, and generated impressions using falsified data. The end-user would have no idea that SmokeScreen was running on their device, even though the typical hijacked device generates three times the impression volume of its legitimate counterpart.

The scheme was identified by software platform DoubleVerify (DV), which said that it has now neutralised SmokeScreen.

DV said that its work in neutralising SmokeScreen helps its clients and partners to avoid wasted investment, but warned that the scheme – which generates more than 300 million ad requests, valued at over US$6 million per month –  remains active on nearly 10,000 unprotected devices.

Mark Zagorski, CEO at DoubleVerify, said: “As fraudsters continue to aggressively target the CTV space, we are committed to blocking emerging fraud schemes across all devices, formats and ad delivery platforms. Safeguarding the brands we serve is our first priority, since it directly impacts ad effectiveness. Fraud harms inventory quality, which in turn drives suboptimal business outcomes for global advertisers. Through the incredible efforts of our Fraud Lab, DV is providing CTV advertisers with much-needed transparency and protection, while helping to preserve the monetization opportunity for quality publishers.”

Roy Rosenfeld, Head of DV’s Fraud Lab, said: “CTV ad fraud doesn’t just impact advertisers. It’s harmful for the entire ecosystem – siphoning revenue from high-quality CTV publishers and app developers, as well as streaming platforms.”