There's a piece of the puzzle missing for me. Please anyone correct me if I am wrong.
I understand advertising though broker networks to work as follows: (i) advertiser pays the broker per view/click, (ii) the broker takes a cut, and (iii) pays the publisher.
For click fraud to generate revenue (rather than just waste competitors' money), the publisher has to be part of the scam - faking the view/click activity to get the advertiser to put money into their pockets via the broker.
So, this part of the article interested me:
What makes matters worse is that the Methbot operators are impersonating these legitimate domains, touting themselves to advertising networks, and placing these ads on fake websites.
Make matters worse? Without the impersonation all that would be happening is that the scammers would be enriching the brokers and the legitimate publishers mentioned.
I don't expect ZDNet or anyone else to explain how it was possible to fool an ad broker into thinking that your site is the Huff Post, but surely that's a huge part of the problem. Too many people (either advertisers, or individual brokers, or the broker networks - or ALL of them) have no idea which domain (or which channel on a domain) is serving their ads - or if they have access to that information, then they are not using it.