By Dave Porter

(AXcess News) Reno -  A multi-million dollar click fraud ring operating out of Singapore has been broken, thanks to Anchor Intelligence, who identified and eliminated DormRing1, the largest click fraud ring ever uncovered.  Yet surprisingly, no arrests were made.

The thieves operated out of dormitories at Shanghai Technology Institute and other Chinese technical universities.  Thousands of publisher sites were involved, Anchor Intelligence said.

Anchor estimates DormRing1, if undetected, would have cost advertisers over $3 million over the course of a year.  In just two weeks, DormRing1 traffic was instructed to generate fraudulent clicks on the ads of nearly 2,000 advertisers across multiple ad networks; these clicks originated from approximately 200,000 compromised IPs.

Both the National Cyber-Forensics & Training Alliance (NCFTA) and Federal Bureau of Investigation (FBI) were involved in the investigation and according to Anchor Intelligence, their investigation is on-going in trying to get authorities in Shanghai to cooperate in arresting those involved.

Comments from an Anchor executive confirmed that authorities have not been able to gain the cooperation of the Chinese government in apprehending these criminals.

Richard B. Sim, Vice President of Product Management & Marketing at Anchor Intelligence told AXcess News, "We've been working directly with the NCFTA and the San Francisco division of the FBI to share intelligence on these operations; it wasn't the first time they've seen some of these players."

"Even in very airtight cases, it's often difficult to get cross border cooperation to actually drive prosecutions," explained Sim.  "There are exceptions though such as Operation Phish Phry, which involved cross-border arrests, but they can take a long time."

According to China's State Council Information Office (SCIO) which regulates the web, there are now 338 million Internet users in China and the government admits that "more regulation is needed".

Cai Mingzhao, vice-minister of SCIO, said at the UK-China Internet Roundtable held in London in late July, "The government should make efforts to strengthen the legislation of the Internet so it can be regulated effectively."

Yet China's government seems more bent on curbing public opinion by clamping down on the 181 million Chinese who write blogs on the web, calling it a "news channel".

Some of the students involved in the click fraud case may end up being some of China's brightest future Internet architects who may as a result be 'untouchable' by US regulators, despite their blatant thefts.  China itself could care less what happens to foreigners online and is only interested in civil disobedience when it comes to bloggers commenting on what's going within their Country.

But Cai defended the SCIO saying China must deal with new Internet-related issues as they arise, so the Internet can be better managed.  Yet several major search engines with Chinese operations may have been involved in the losses occurring from the actions of the students who operated the click fraud ring, which may be why those websites were taken down shortly after being exposed by Anchor Intelligence in some coordinated action on the part of either the cyber criminals who operated it, or pressure from Cai's SCIO.

Sim would not release details on which ad networks were involved in the click fraud investigation, only saying that "We've observed DormRing1's activity across dozens of search and ad networks from the top tier to the second and third.  Given its sheer size, I can't imagine any ad network or search engine was out of DormRing1's reach."

Regardless of China's lack of cooperation in arresting the leaders of the Singapore click fraud ring, the fact that Anchor Intelligence has been successful at identifying sources is a first step in shutting down more operations similar to DormRing1, albeit smaller and in many cases, individual publisher sites.

Anchor CEO Ken Miller urged web publishers and advertisers alike to use the Anchor ClearMark system to identify and eliminate click fraud sources.  ClearMark was the resource Anchor used to identify and break apart DormRing1.

"Every buyer or seller of online advertising that uses ClearMark becomes an instant winner," said Miller.

Anchor says it has identified and eliminated over 200 click fraud rings involving at least five million distinct IP addresses with the help of its partners and clients. By identifying suspicious overlaps in audience segments and behaviors across its network, Anchor Intelligence uncovers new click fraud rings and applies its insights to its entire customer base. Fraudulent publishers are removed from a network’s system before ad fraud can impact advertisers.

Miller's Company indicated that while DormRing1 was shut down similarly architected rings have emerged out of India and parts of Southeast Asia and that by no means is the battle over.

"Click fraud rings are constantly evolving their tactics while trolling for vulnerable networks and advertisers," cautioned Miller.  "Rather than fighting the arms race against the fraudsters alone, Anchor customers have chosen to leverage the collective intelligence of our network to develop a super strong line of defense against these rings."