A new email-based form of crypto ransomware is targeting website owners using banners from Google’s AdSense program.
According to the report by KrebsonSecurity, the scam involves criminals threatening site owners with a flood of bot and junk traffic to trigger Google’s automated anti-fraud system, leading the suspension of their AdSense account for suspicious traffic. In exchange, the fraudsters are asking for a ransom paid in bitcoin in order to avoid the potential of losing AdSense revenue. AdSense is a Google program allowing website owners to run ads on their platforms.
The report cites an unnamed website owner targeted by the scam, who shared an excerpt from the ransom email, saying, “This will happen due to the fact that we’re about to flood your site with huge amount of direct bot generated web traffic with 100% bounce ratio and thousands of IP’s in rotation — a nightmare for every AdSense publisher.”
The message continues, “This means that the main source of profit for your site will be temporarily suspended. It will take some time, usually a month, for the AdSense to lift your ad ban, but if this happens we will have all the resources needed to flood your site again with bad quality web traffic which will lead to second AdSense ban that could be permanent!”
Google told KrebsOnSecurity that the scam is a “classic” threat of sabotage, and that the company has “extensive” tools in place to protect websites against invalid traffic.