'Chameleon Botnet' takes $6-million-a-month in ad money

'Chameleon Botnet' takes $6-million-a-month in ad money

تاریخ ایجاد

ID: IRCNE2013031794
Date: 2013-03-22

According to “CNet”, Spider.io, a security researcher, announced that it has discovered a new botnet, called Chameleon, that's targeting "at least" 202 Web sites. The botnet is made up of over 120,000 host machines running Windows, according to Spider.io. Those machines are connecting to the Web with a Flash-friendly Trident-based browser that executes JavaScript. The vast majority of the machines -- 95 percent -- have come from U.S.-based IP addresses.
The botnets have targeted at least 202 Web sites, hitting them with as little as 9 billion ad impressions. The sites themselves are receiving 14 billion ad impressions, meaning the majority are coming from the botnet.
But here's the crux of the issue: advertisers are paying the sites 69 cents per thousand ad impressions, believing that they're legitimate. The Chameleon botnet, therefore, is able to siphon $6 million per month in cash from the advertisers.
Although botnets have been used to target text ads, they've largely stayed away from display ads because of the more sophisticated way in which advertisers analyze activity. In many cases, that analysis catches botnets before they have a chance to take hold. However, according to Spider.io, Chameleon is extremely sophisticated and act as though they're normal users surfing the Web. Still, the botnet has some hallmarks that give it away. According to Spider.io:
Despite the sophistication of each individual bot at the micro level, the traffic generated by the botnet in aggregate is highly homogenous. All the bot browsers report themselves as being Internet Explorer 9.0 running on Windows 7. The bots visit the same set of websites, with little variation. The bots generate uniformly random click co-ordinates across ad impressions and the bots also generate randomised mouse traces.
The discovery of the Chameleon botnet comes a little over a month after Microsoft and Symantec announced that they had taken down another botnet, known as Bamital, that redirected Web sites.

برچسب‌ها