NEW New report: Invalid click rate benchmarks of 85,000 Google accountsCompare yours here
New report: Invalid Click Rate Benchmarks
Compare yours
Fraud Blocker Logo
Sign in
Start Free Trial
methbot ad fraud case

Methbot: Ad Fraud’s Infamous $7 Million Heist

  • June 16, 2025
methbot ad fraud case

Dubbed as one of the largest and most lucrative ad fraud operations of its time, Methbot’s is still seen as the poster boy when it comes to fraud online. Its sophisticated operation allowed its operators to reap millions of dollars a day, creating a significant dent in the ad industry and highlighting the need for collective action to address ad fraud.

And although the Methbot operation has been surpassed in terms of financial and technical impact, it remains a fascinating example of real-life ad fraud.

What was Methbot?

Methbot was an advanced ad fraud operation which was uncovered in 2016 and finally shut down in 2018. At its peak, it was thought to be making its operators around $3 million per day in fraudulent ad views.

It did this by spoofing a huge inventory of premium web domains – basically taking what looked like high-quality websites such as CNN.com or the Wall Street Journal – and filling these fake sites with video ads and then using bots to generate impressions.

Methbot used spoofed websites to deliver real ads to fake users, defrauding ad platforms in the process.
To do this successfully,

Methbot used a network of bots, also known as a botnet, to watch an estimated 300,000 video ads every day. This bot traffic came from a network of infected computers which were routed through proxy servers, mostly in the USA and Western European countries such as the UK and the Netherlands.

Designed and operated by a Russian-based cybercriminal group, the Methbot operation flew under the radar for several months before being flagged by White Ops, now known as Human Security.

How did Methbot work?

The operation ran on a network of servers and used fake webpages, created to mimic thousands of legitimate sites, including premium publishers like The New York Times, The BBC, and Forbes. This fake inventory was then offered up to advertisers through multiple programmatic advertising platforms

The network used by Methbot was massive, consisting of over 570,000 IP addresses, most of which were fraudulently obtained to appear as though the traffic was coming from legitimate residential ISPs in the United States.

This facade lent an air of authenticity to the traffic, deceiving ad verification mechanisms into believing the views were legitimate.

And by using automated browsers, Methbot simulated mouse movements, clicks, and social network login information to imitate the behavior of real human audiences. The bots were programmed to watch video ads, interact with web pages, and even mimic the act of pausing ad blockers, generating millions of dollars in fraudulent ad revenue through wire fraud and concealing the origins of this revenue through money laundering.

Who ran the Methbot operation?

A Russian national, Aleksandr Zhukov, was identified as the main mastermind of the Methbot operation. He even portrayed himself as ‘The King of Fraud’ online, often bragging about his accomplishments.

However, Zhukov wasn’t acting alone. He hired numerous individuals highly skilled in programming, web development, and cybersecurity, most from Russia or former Soviet states.

This group operated under the title Ad Faud Komanda (AFK) – although Zhukov presented a more professional side through a fake ad platform called Media Methane.

Some members of the team behind Methbot eventually went on to build the next big ad fraud network, known as 3ve (Eve). Although by the point 3ve started to operate, the Methbot operation was being wound down.

Despite the international nature of the crime, bringing the perpetrators to justice proved to be exceedingly challenging due to jurisdictional limitations and the anonymity afforded by the internet.

methbot ad fraud Aleksandr Zhukov

Source: Aleksandr Zhukov, photo evidence from the US Dept. of Justice.

How much money did Methbot make?

The financial impact of Methbot was huge – whatever source you look at. When the operation was busted, it was thought that Methbot generated between $3 million to $5 million in fraudulent revenue per day. This figure was derived from the operation’s ability to generate between 200 million to 300 million fraudulent ad impressions daily.

However, Zhukov was only found liable for $7 million, which is still not an inconsequential number – and likely not the whole story.

However much was really involved, Methbot had a significant impact. And by using wire fraud conspiracy to generate fraudulent ad impressions and a money laundering conspiracy to conceal the origins of the fraudulent revenue. This sophisticated scheme highlights the significant financial impact and the complex criminal activities associated with digital advertising fraud.

Is Methbot still running today?

No.

A federal jury in Brooklyn convicted Zhukov of wire fraud and money laundering in 2021, marking a significant milestone in the fight against digital advertising fraud.

However, the threat of similar ad fraud operations persists. Cybercriminal organizations continue to evolve, developing new and even more sophisticated techniques to exploit the digital advertising ecosystem. In fact, one of the main reasons Methbot is so famous is because the operators were arrested and charged – one of the few cases where this has happened.

And while Methbot was undoubtedly one of the most damaging ad fraud operations of it’s time, it has since been surpassed countless times by bot based fraud networks such as Hydra, DrainerBot and Vastflux – among countless others.

In addition to these bot ad fraud scams, we’ve seen many cases of publisher and network based fraud such as the infamous case of Uber. And barely a day goes by without another scandalous headline about the millions lost to a click fraud money laundering conspiracy somewhere online.

How to protect yourself against ad fraud?

Business owners rely on PPC ads. And for good reason. Google Ads and the programmatic ecosystem still offers incredible reach to a global audience for what remains a competitive price – despite the rising costs of online advertising.

The legacy of Methbot serves as a stark reminder of the perpetual arms race between cybercriminals and the defenders of the digital advertising world.

Methbot was a wake-up call for the digital advertising industry. It showcased the sophistication and scale that modern cybercrime could achieve, exploiting the complex and often opaque online advertising ecosystem.

Advertisers need to be aware of the risks and take steps to prevent their own ad campaigns being hit by malicious traffic, of all types; whether that’s competitors, low quality click traffic or bot farm traffic.

Click fraud software solutions such as Fraud Blocker are an essential addition to the advertisers toolkit.

Run a traffic audit on your own Google Ads, Facebook or Instagram Ads with a 7-day free trial.

Facebook
Twitter
LinkedIn

More from Fraud Blocker