funsec mailing list archives
CWSandbox vs. Click-Fraud Trojans
From: "Fergie" <fergdawg () netzero net>
Date: Sun, 24 Sep 2006 20:40:24 GMT
Via Honeyblog. [snip] Business Week had an interesting story about click fraud recently (also at /.). This seems to be a really lucrative business and there is of course also malware that helps the attacker to automatically generate clicks on websites. One example of such a piece of malware is Trojan.Clicker (named by F-Secure), which currently also dominates the monthly world map of malware infections. The operation mode of this Trojan is rather simple: after the initial infect (e.g., download via bots), it remains resident in memory and periodically opens certain web pages with the help of Internet Explorer, thus generating clicks on that web page. Hence, the attacker automatically generates revenue from his compromised machines... A more detailed analysis of a particular Trojan.Clicker variant is available as CWSandbox report. [snip] Link(s): http://honeyblog.org/archives/59-CWSandbox-vs.-Click-Fraud-Trojans.html - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- CWSandbox vs. Click-Fraud Trojans Fergie (Sep 24)
- Re: CWSandbox vs. Click-Fraud Trojans Nick FitzGerald (Sep 24)