Monday, March 23, 2009

Hacked Web Pages Hauls Estimated at $10,000 a Day

Shaun Nichols writes on

The recent wave of search engine optimised web attacks is netting a huge cash haul for hackers and malware vendors, according to researchers.

Security firm Finjan claimed that a single hacker can make as much as $10,800 (£7,400) a day by embedding compromised web pages with links to attack sites and lists of popular search terms.

Finjan chief technology officer Yuval Ben-Itzhak said that the company recently observed a single attack operation involving a set of compromised pages that redirected to a site pushing a rogue anti-virus program.

The attackers had compromised a series of pages which were then embedded with lists of popular search terms collected from services such as Google Trends or current news items. The same pages were then injected with obfuscated code that redirected to the attack page, which used fake alert boxes to convince the user to download and purchase the bogus security software for $50 (£34).

Over a period of 16 days, Finjan recorded some 1.8 million hits from the infected pages. Between seven and 12 per cent of the victims actually downloaded and installed the software, and roughly 1.79 per cent paid the $50 fee.

More here.


Post a Comment

<< Home