Tuesday, October 03, 2006

Instant Messaging Clickfraud? Hackers use Botnet Tactics in IM Land...

paperghost writes on vitalsecurity.org:

For quite some time, I've seen certain Botnets perform the following trick: install some garbage, and hijack the end user's homepage. The hijacked page usually contains nothing more than a bunch of adverts - and, should the curious end-user click them (which they inevitably will) the bad guys rake in the dough from whoever runs the Ad Network and the advertisers or whoever.

Now, automated drones are great, but eventually you will be caught out. Even the best auto-clickers aren't particularly brilliant. But what if you could organise a network of drones that weren't machines but actual people? What if you could do away with all that awful technical IRC jibber-jabber and run what is effectively a Bot-less Botnet? What if...you could take some code from last month, rejiggify it a little and launch IM infections from simply visiting a webpage in IE, as opposed to all the HEY LOL CLICK THIS nonsense you usually have to do?

Well, today's your lucky day, kids!

More here.

0 Comments:

Post a Comment

<< Home