Apollo Exposed: What 400M Fake Ad Requests Reveal About Fraud

Audio advertising is booming. With programmatic audio spend projected to surpass $2 billion in 2025, it's become one of the most promising—and vulnerable—channels in digital media. Where innovation leads, cybercrime follows. And the recent Apollo operation uncovered by HUMAN and The Trade Desk is a case study in just how sophisticated, and damaging, that fraud can be.
At its peak, Apollo accounted for 400 million fraudulent bid requests per day, making it the largest audio-related ad fraud scheme ever detected. But what makes Apollo especially troubling isn't just the scale—it's how convincingly it mimicked legitimate traffic, exploited supply chain blind spots, and leveraged malware-infected CTV devices to obscure its origin.
I spoke with Will Herbig, senior director for AdTech Fraud Research & Strategic Customer Analytics at HUMAN, about the research. He explained that Apollo preyed on a fundamental weakness in server-side ad insertion, the technology used to serve seamless audio and video ads without interrupting user experience. With SSAI, advertisers receive limited telemetry—often just a user-agent string and an IP address—making it an ideal environment for spoofing.
Fraudsters behind Apollo reverse-engineered the ad request flows of legitimate apps, replicating their formats to impersonate real audio ad inventory. They even spoofed apps that shouldn't have been serving audio at all.
'One of the things that sparked this investigation was the question of, why are puzzle apps serving audio ads?' Herbig told me. 'At least in my experience, it's uncommon that a puzzle app or something like that is going to serve an audio ad.'
It was a subtle anomaly—but it set off a cascade of deeper analysis that ultimately exposed Apollo's intricate fabrication tactics.
Apollo's traffic wasn't generated by infected devices in the traditional sense. Instead, bid requests were fabricated wholesale—generated by script, spoofed to resemble real devices, and funneled through residential proxies to mask their true data center origins. Herbig emphasized that the scale Apollo operated at generated traffic equivalent to a the traffic of a mid-sized city like Stamford, Connecticut.
That scale was achieved in part thanks to BADBOX 2.0, a botnet of over a million compromised connected TV devices. Apollo traffickers leveraged BADBOX to route requests through residential IPs, making the traffic appear legitimate and difficult to trace. HUMAN had previously disrupted BADBOX, but its infrastructure was clearly still being exploited.
By layering spoofed app identities, forged device configurations, and residential proxy evasion, Apollo's operators built a fraud operation that slipped through many traditional defenses.
The real damage, however, was in how Apollo exploited programmatic advertising's fragmented supply chain. Many platforms only validate the final seller in a transaction—a check that Apollo often passed. But those 'authorized' sellers were frequently several layers removed from the spoofed origin.
'There can be non-compliance in earlier parts of the supply chain, and then as you get to later parts, things look valid,' Herbig said. 'Many implementations of these supply chain standards are only checking the last place that came from, so everything that happened before that is kind of out of scope.'
This phenomenon—what HUMAN refers to as 'supply chain convergence'—allows spoofed inventory to piggyback on authorized reseller pathways, creating a false sense of legitimacy. It's a loophole that remains dangerously under-policed in today's real-time bidding ecosystem.
HUMAN didn't just uncover Apollo—they helped dismantle it. Leveraging a predictive pre-bid scoring engine and an aggressive response strategy, the company saw a 99% reduction in Apollo-associated traffic across its platform.
'We are effectively demonetizing this supply,' Herbig said. 'By reducing the amount of bids that this inventory is getting… we're making it harder and harder for fraudsters to profit.'
The broader goal, Herbig explained, is to make ad fraud uneconomical at scale. Each operation disrupted increases the operational cost for cybercriminals. Every layer of complexity—whether it's a disrupted proxy network, stricter supply chain checks, or tighter SDK enforcement—raises the barrier to entry.
One of the strongest weapons against operations like Apollo isn't just technology—it's collaboration. HUMAN has leaned heavily into this strategy through its Human Collective, a multi-stakeholder initiative aimed at threat sharing and collective protection.
According to Herbig, 'One of the great things we're doing is threat sharing. When we are observing concentrations of IBT, we are discussing that with the Human Collective, and we're using it as a forum for collaboration and a forum for discussion.'
By sharing intelligence, surfacing patterns, and coordinating responses, HUMAN and its partners are creating a ripple effect across the programmatic ecosystem. The goal isn't to eliminate fraud entirely—it's to tip the cost-benefit equation against the fraudsters.
As Herbig put it, 'We're trying to disrupt the economics of cybercrime… to the point that it becomes not worth it.'
Apollo is a milestone—not just in the scope of audio ad fraud, but in how the industry responds to it. The findings call for stronger adoption of third-party verification tools like the Open Measurement SDK, more rigorous end-to-end supply path validation, and above all, tighter industry-wide collaboration.
Audio may be one of the newest frontiers in ad fraud, but it doesn't have to be the most vulnerable. With vigilance, transparency, and cooperation, the industry has a fighting chance to turn down the noise and restore trust in programmatic audio.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

UPI

a day ago

• UPI

U.S. company to provide $6 billion loan for British nuclear power project

Protesters hold banners outside Hinkley Point power station in Somerset, United Kingdom, in 2011 against EDF Energy's plans to renew the site with two new reactors. The project began in 2017 and has had delays and funding problems File Photo by Ben Birchuk/EPA June 20 (UPI) -- Apollo, a U.S. asset management group, plans to provide a $6 billion loan to the British nuclear project Hinkley Point C being built by a French multinational electric utility company. Hinkley's estimated cost has soared from $23.7 billion to almost $60.6 billion and won't be operational until at least 2029, Baha Breaking News reported. Construction began in 2017. Apollo will provide an investment-grade debt financing package at an interest rate below 7% for the project developer, Electricite de France, sources told CNBC and the Financial Times. Apollo, which was founded in 1990 by Leonard Black, Josh Harris and Marc Rowan, manages capital for institutional and individual investors. Apollo, headquartered in New York City, had revenue of $26.11 billion in 2024 with a net income of $6.373 billion. The loan has a maximum maturity of 12 years. EDF is building two new nuclear reactors at the site in Somerset and will be able to borrow $2 billion each of the three years as part of the package. The company has had a shortfall since China General Nuclear Power Group, which was supposed to provide a third of the cost of the project, stopped providing further financing in 2023. CGN was removed by the British government from another project -- Sizewell C -- because of concerns about Chinese influence. The funding could be used for other British projects by EDF. Jamshid Ehsani, head of global principal structured finance at Apollo, described the deal as the "largest ever" sterling private credit deal. "It's going to help finance a critical, low-carbon nuclear project. This is the business Apollo is in today," he said. "Europe is a huge focus for us."

Yahoo

a day ago

• Yahoo

The Trade Desk vs. PubMatic: Which Ad-Tech Stock Is the Better Pick?

Both The Trade Desk TTD and PubMatic PUBM play pivotal roles in the programmatic advertising ecosystem, but at opposite ends of the spectrum. TTD operates a leading demand-side platform (DSP), which helps advertisers focus on data-driven ads. PubMatic, on the other hand, is a sell-side platform (SSP) that helps publishers across the open internet to control access to their inventory and boost monetization. Since both firms having massive exposure to the booming CTV and retail media trends, this makes for an intriguing comparison for investors. So, which stock makes a better investment pick at present? Let's deep dive into the pros and cons for each company. TTD is confident in its ability to outpace the market and seize future opportunities owing to solid execution across key initiatives — connected TV (CTV), retail media, international expansion, Kokai, UID2 and OpenPath. The acquisition of Sincera, a leading digital advertising data company, will aid in enhancing its programmatic advertising platform by integrating Sincera's actionable insights on data quality. It recently unveiled the OpenSincera application to offer Sincera's rich advertising metadata to the ad tech ecosystem. The company's Kokai platform is being used by two-thirds of the clients, much ahead of schedule. The platform is delivering on lower funnel KPIs, including 24% lower cost per conversion and 20% lower cost per acquisition, per TTD. 100% adoption by clients is expected to be completed by this year's end. The integration of Koa AI tools was highlighted by management as a 'game changer' for the Kokai platform. It recently introduced Deal Desk, an innovation within its Kokai platform designed to enhance how advertisers and publishers manage one-to-one deals and upfront commitments. First-quarter revenues of $616 million jumped 25% year over year and surpassed management's guidance of at least $575 million. Adjusted EBITDA was $208 million (34% margin) compared with $162 million (33% margin) in the year-ago quarter. Video, which includes connected TV or CTV, represented a high 40 percent share of digital spend, while mobile had a mid-30 percent share. Display constituted a low double-digit share, and audio represented around 5%. Customer retention was over 95% for the quarter reported. Nonetheless, increasing macroeconomic uncertainty and escalating trade tensions do not augur well for TTD, as these could squeeze ad budgets. TTD highlighted the impact of the volatile macro backdrop, particularly on the large global brands. If macro headwinds worsen or persist into the second half of 2025, revenue growth may face further pressure due to reduced programmatic demand. The intensely competitive nature of the digital advertising industry, dominated by industry giants like Alphabet and Amazon, continues to put pressure on TTD's market position. While CTV remains a strong revenue driver, the market is increasingly fragmented and competitive. Heavy reliance on CTV for growth is a concern, as any adverse impact on this segment could weigh heavily on the company's overall performance. Moreover, TTD derived 88% of its revenues from North America, while only 12% came from international markets. A weak international footprint limits TTD's total addressable market expansion potential. Excluding the drag from a large DSP client and political ad revenues, PubMatic's underlying business grew 21% year over year in the first quarter of 2025. The strong momentum is being driven by secular tailwinds in CTV, SPO (Supply Path Optimization) and emerging revenue streams. Importantly, these growth drivers now comprise 70% of total revenues, signaling a diversified business that is less dependent on legacy display advertising. Like TTD, PUBM is gaining from growth in the CTV business, which bolsters its strategic positioning in the high-growth programmatic video. PUBM is expected to gain from the continuing shift of ad dollars from linear TV to streaming, especially in a market favoring programmatic spot buys with flexibility over heavy upfront commitments. PubMatic has already secured over 80% penetration among the top 30 streamers. In the last reported quarter, CTV revenues surged over 50% year over year, while omni-channel video revenues grew 20% and represented 40% of total revenues. PubMatic is also heavily investing in Activate for SPO, Convert for commerce media, and Connect for curation to drive growth and create sticky customer engagement. Strategic partnerships like Spectrum Reach and TCL in live sports augur well. PubMatic is embedding AI across its portfolio to enhance both efficiency and outcomes. It has launched a GenAI-powered end-to-end platform that offers buyers direct access to the open internet almost entirely. This technology aids in optimizing the entire stage of the media buying process, including inventory discovery and performance optimization. PubMatic is scaling across international markets. The company is witnessing strong performance in India, Europe, Australia and Japan. The recent expansion of its collaboration with BBC and other traditional broadcasters indicates growing recognition of PUBM's platform for streaming monetization. Given these factors, PUBM forecasts $66-$70 million in revenues, assuming over 15% year-over-year growth of the underlying business. The competitive landscape and the ongoing macro uncertainty and cautious advertiser behavior are concerning. One of PubMatic's major DSP clients also revised the bidding approach, affecting PUBM's top line. In the last reported quarter, revenues declined 4% year over year despite strength in the underlying business. Year to date, PUBM and TTD have lost 24.7% and 41.6%, respectively, amid macroeconomic uncertainties and effects of tariffs and inflation surrounding the industry. Image Source: Zacks Investment Research Valuation-wise, TTD is overvalued, as suggested by the Value Score of F, while PUBM has a Value Score of B. Image Source: Zacks Investment Research In terms of the forward 12-month price/earnings ratio, TTD shares are trading at 10.87X, higher than PUBM's 1.74X. Analysts have made significant downward revisions for PUBM's bottom line. Image Source: Zacks Investment Research For TTD, there is a relatively lower downward revision. Image Source: Zacks Investment Research TTD and PUBM currently carry a Zacks Rank #3 (Hold) each. You can see the complete list of today's Zacks #1 Rank (Strong Buy) stocks here. The Trade Desk, driven by its leading DSP position, rapid innovation through platforms like Kokai and OpenPath, and strong execution in high-growth areas like CTV and retail media, emerges as a stronger investment case. While PubMatic shows potential, significant downward estimate revision and declining revenues keep us on the sidelines. Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report The Trade Desk (TTD) : Free Stock Analysis Report PubMatic, Inc. (PUBM) : Free Stock Analysis Report This article originally published on Zacks Investment Research ( Zacks Investment Research

Bloomberg

a day ago

• Bloomberg

Cliff Asness Says Retail Push for Private Assets Is a ‘Terrible' Idea

Welcome to ETF IQ, a weekly newsletter dedicated to the $14 trillion global ETF industry. I'm Bloomberg News reporter and anchor Katie Greifeld. It's clear that private market titans like Apollo, KKR and Blackstone have their sights set on individual investors and retirement plans. It's a familiar pitch: private assets offer diversification and potentially higher returns. And as more companies delay going public, retail investors should be able to own them, too.