The attackers used a variety of techniques to get around Google AdSense audits, including regional targeting and page-switching.