Online investigators have exposed a network of hijacked computers that defrauded advertisers by generating billions of fake ad views.
       互聯網調查人員揭露了一個由被劫持的電腦構成的網路，該網路產生了巨量虛假廣告流覽次數，從而欺詐廣告客戶。

       The so-called botnet scheme, which hijacked 120,000 residential PCs in the US and cost advertisers millions of dollars a month, highlights the increasing complexity and opacity of online advertising.
       Spider.io, a London-based start-up that tracks web browsing activity, estimates traffic from the “Chameleon” botnet accounted for almost two-thirds of the total visits to certain websites. The inflated number of page views increased advertising revenues for the websites’ owners.
       追蹤網頁流覽活動的倫敦初創企業Spider.io估計，來自“變色龍”(Chameleon)僵屍網路的流量，在某些網站的訪問總量中占了近三分之二。被誇大的頁面訪問次數因此增加了網站所有者的廣告收入。

       In a report published on Tuesday, Spider.io said the hijacked PCs, which were first infected by a virus,
generated up to 9bn ad views or “impressions” every month across a network of more than 200 sites.
Sophisticated software even mimicked mouse movements and clicks, giving the impression that potential consumers were visiting the sites.
       Spider.io 在週二發表的一份報告中表示，被劫持的電腦首先被一種病毒感染，然後每月在逾200網站的一個網路產生至多90億廣告流覽次數，即“印象”。先進的軟體甚至能夠類比滑鼠移動和點擊，造成潛在消費者正在訪問相關網站的印象。

       “It is difficult to imagine why one would run this type of botnet across a cluster of 202 sites other than to commit display advertising fraud,” Douglas de Jager, Spider.io’s chief executive, said in the report.
       The websites’ owners charge an average 69 cents per thousand ad impressions, meaning the botnet traffic is costing advertisers about $6m a month.

       Mr de Jager told the Financial Times that the scheme was just one of many that the online advertising
industry had been fooled by – or had chosen to ignore.
      “We have already identified at least one other large and wholly distinct botnet – targeting a wholly
distinct cluster of websites,” Mr de Jager added.

       Spider.io did not disclose the names of the site owners, but suggested they may either control the botnets themselves or purchased the “traffic” from its operators.
       The issue highlights the complexities of the internet advertising business, raising new questions about
the controls put in place by ad technology providers.

       The Chameleon botnet also demonstrates the ever-changing tactics of cyber criminals. Networks of
hijacked computers have previously been used to knock a website offline, with botnet operators sometimes
demanding a ransom to bring it back, or to collect large numbers of credit card details.
       “變色龍”僵屍網路還顯示了網路罪犯的手段在不斷變化。以往，由被劫持的電腦構成的網路被用於攻擊某個網站，使其癱瘓（僵屍網路的運行者有時要求得到一筆贖金，作為放過該網站的條件），或者收集大量信用卡資料。

       But as online security improves and such attacks become easier to track, botnets are being redirected to “victimless” crimes akin to insurance fraud – where large numbers of people lose small sums of money, with
few of them ever realising they have been ripped off.
       但是，隨著線上安全措施的改進，加上此類攻擊變得更容易追蹤，僵屍網路正轉向“無受害者”的犯罪行為，類似於保險欺詐，即很多人損失小額金錢，他們當中幾乎沒有人意識到自己吃了虧。

       Christian Carrillo, a vice-president at DataXu, a digital advertising technology provider, said the fraud may be hard to prosecute even if its perpetrators are tracked down, due to the terms of trade in the online ad business.
       數位廣告技術提供商DataXu副總裁克利斯蒂安•卡瑞羅(Christian Carrillo)表示，線上廣告業務的交易條款意味著，即使找到肇事者，這種欺詐也可能難以被提起公訴。