Malware for fun and profit…
Many of us are now aware as to the subtle shift in the nature of emerging threats, where once many viruses and Trojans were written for fun (or to prove a point), evidence strongly suggests that malware is increasingly being used as a means to gain profit. I have a good example of such today, Troj/Clickr-EK.
This Trojan among other things, contains functionality to load a very specific website in an Internet Explorer window, enumerating a specific set of links and ‘clicking’ each one as if a user had navigated to, and clicked the links themselves. Interestingly enough the numerous links were all leading to a dutch website named “the crime game of the internet” - all with different referrer id’s.
The website claims to be a game, where “clicks” are used as a type of virtual money. It seemed that one of the members had written this Trojan for the sole purpose of cheating!
Thats not much of a profit, you might say. However the website also seems to reward members with competitions, giving away gifts and prizes such as computer hardware and gaming consoles, to those that come out on top. Perhaps cheating in such a way gave the author (and his friends) enough bias to make winning these prizes a certainty, in which case the profit is very real indeed…
Posted on May 11th, 2007 by Chris Mitchell, SophosLabs Australia.Filed under: Uncategorized
Windows 7 security - A great leap forward or business as usual?
