Forgot your password?
typodupeerror
It's funny.  Laugh. Security

Click Here To Infect Your PC! 215

Posted by kdawson
from the proving-a-point dept.
Email me for FREE viruses writes "Just how many people would click an ad saying "Is your PC virus-free? Get it infected here!"? According to the security researcher who ran that very ad on Google for 6 months, 0.16% (409 of 259,723) would click on it. 98% of those people were running Windows. The Google Adwords campaign cost $23 in total, which works out to $0.06 per infection had the site actually been malicious."
This discussion has been archived. No new comments can be posted.

Click Here To Infect Your PC!

Comments Filter:
  • by Anonymous Coward on Wednesday May 16, 2007 @05:51AM (#19142723)
    Then went and clicked on the link in the article? :P
  • by Xiph (723935) on Wednesday May 16, 2007 @05:51AM (#19142725)
    to tech professionals, that users need clue distributed by bat
    • Re: (Score:3, Interesting)

      by mrbluze (1034940)
      It's like sex. People know full well they'll get infected, they click, they get infected, they spend several months or years in denial until their body slows to a crawl.
      • by the unbeliever (201915) <chris+slashdot&atlgeek,com> on Wednesday May 16, 2007 @05:56AM (#19142757) Homepage
        Getting rid of most std's is easier than getting rid of some spyware/viruses...

        Consider your average spyware/virus akin to chlamydia or syph, while the really nasty stuff is more like aids/herpes...

        Granted, you can't reformat your body and get rid of it, but if you consider a reformat more along the lines of reincarnation...
        • Getting rid of most std's is easier than getting rid of some spyware/viruses...

          We need to go on a crusade to teach people how to surf porn safely, such as avoiding using a firewall on a microsoftie, but to make sure you have a hardened system first!

        • by Eivind (15695) <eivindorama@gmail.com> on Wednesday May 16, 2007 @06:25AM (#19142905) Homepage
          The worst-case scenario are however very significantly different.

          Worst-case for a virus-infected windows-machine ? Complete reinstallation. A day lost, hell make it "toss away $1000 machine".

          Worst-case for std ? Death.

          Not really comparable.

          • Re: (Score:3, Informative)

            by repvik (96666)
            Worst case isn't "complete reinstall". It's "complete reinstall, and remove BIOS to reflash on another board". There are viruses that reflashes your BIOS rendering your PC unbootable.
            • Re: (Score:3, Insightful)

              by cornjones (33009)
              no, worst case is all of your data compromised, potentially financial/personal etc....

              it is possible that this would be worse than death for some (unlikely, but possible)
          • For most users, yes that is among the worst, though not the worst.

            Worse than reinstall: Having your private records emailed to others

            Especially if your private records are government espionage records. Say your machine had a document you were preparing for your superiors detailing activities of some of your undercover intelligence operatives in foreign countries. Say the computer infection sent that information out. Worst case under this scenario: death of your agents, and death of your fellow citizens as t
    • While idly clicking around on the Didier Stevens' page, I found the following gem (on the page about Spamdexing [wordpress.com]):

      These are the fields of a click-trough event entry:

      • ...
      • Query - the query issued by the user, case shifted with most punctuation removed.
      • ...

      Hmmm, interesting. Wanna have some phun? Search for some offensive and/or funny phrase, and if ads come up, clickety away! (Hint: work brand names into your query... However, for some reason, word plays on Wii don't give the expected results... No ads,

    • by simm1701 (835424)
      See the T Shirt

      http://www.cashncarrion.co.uk/products/16064/682/ [cashncarrion.co.uk]

      (No I'm not affiliated with them)
  • Sad... (Score:4, Funny)

    by Max Romantschuk (132276) <max@romantschuk.fi> on Wednesday May 16, 2007 @05:52AM (#19142733) Homepage
    The sad thing is that using something more enticing like "Free boobs this way" would send millions of clueless Joe Windowses your way... All ripe for the picking.
    • Re:Sad... (Score:5, Funny)

      by Architect_sasyr (938685) on Wednesday May 16, 2007 @06:04AM (#19142795)
      Which way did you say?
    • Badsense (Score:5, Funny)

      by Dogtanian (588974) on Wednesday May 16, 2007 @06:53AM (#19143035) Homepage

      The sad thing is that using something more enticing like "Free boobs this way" would send millions of clueless Joe Windowses your way...
      I can see the advert now:-

      Free boobies for all! [wikipedia.org]
      Cute booby chicks for your delectation! aff
      en.wikipedia.org
      • nice tits [williamtasso.com]
      • Re: (Score:3, Informative)

        The sad thing is that using something more enticing like "Free boobs this way" would send millions of clueless Joe Windowses your way...

        I can see the advert now:-

        Free boobies for all! [wikipedia.org]

        Cute booby chicks for your delectation! aff

        en.wikipedia.org

        Don't forget the penduline tits [wikipedia.org]! And of course for those with more, erm, "eccentric" tastes, there's also tits of the bearded [wikipedia.org] variety...

    • Re: (Score:2, Funny)

      by SkyDude (919251)

      The sad thing is that using something more enticing like "Free boobs this way" would send millions of clueless Joe Windowses your way... All ripe for the picking.

      And of course, no *nix users would EVER do that.....

    • Re:Sad... (Score:5, Funny)

      by ZOMFF (1011277) * on Wednesday May 16, 2007 @08:39AM (#19143663) Homepage
      It's true. Free porn is a great way to get people to click on things they usually wouldn't click on. While I was in college about 8 years ago, I set up a porn share from my computer that was password protected. I also included a file called GET_PORN_PASSWORD.EXE which popped up a box with the password. The EXE also installed the client stub for Sub7 (a type of back-orafice program). Since Sub7 was fairly new, none of the antivirus software picked up on it. Over the next 24 hours I had pretty much 8,000 machines that I could fully remote, pull data off of, log key strokes, etc (my personal favorite was opening the cdrom drive and playing a "FEED ME" wave file).

      Luckily I was never questioned about the matter and by the time most people caught on, Antivirus definitions were updated to detect the Sub7 stub.
      • Re: (Score:3, Interesting)

        by c_forq (924234)
        I remember using Sub7 in High School, a friend and I infected an entire computer lab and would mess with random people during our computer literacy class. My favorite tricks were the flipping the monitor image and the matrix-screen thing. It lasted a few months before the anti-virus started detecting and fixing our backdoor. A couple years after I graduated a kid was expelled from my school for doing about the same thing, so I'm glad we were never caught.
  • 0,16% (Score:5, Insightful)

    by JanneM (7445) on Wednesday May 16, 2007 @05:53AM (#19142737) Homepage
    At a click rate of 0,16% - about one in 600 - I have to wonder if not a fairly large portion is simple click errors. You intend to click on some other link nearby on the page but by mistake click that one instead. There's several kind of interaction slips just like that that we do in other circumstances after all.

    • Underserved group (Score:5, Interesting)

      by Nymz (905908) on Wednesday May 16, 2007 @06:08AM (#19142805) Journal

      At a click rate of 0,16% - about one in 600 - I have to wonder if not a fairly large portion is simple click errors.

      At first I thought the same thing, just random misclicks. But then it hit me, there are a large number of users on the internet that don't have the know-how to install a virus on a computer of someone they hate, like an uppity coworker.

      Imagine a bussiness model that would allow anyone to simply 1-click and install a virus (not a feature, those are patentable). Revenue would be generated with advertisments downloaded by the trojan, that would popup at random times on the victims computer. In essence, the victim would have to pay for the service. Brilliant!
    • by nyctopterus (717502) on Wednesday May 16, 2007 @06:10AM (#19142811) Homepage
      And of that tiny percentage how many were Windows users taking the fairly safe bet that the ad didn't do what it said?
      • by Zonk (troll) (1026140) on Wednesday May 16, 2007 @07:27AM (#19143167)
        Virus scanners create a false sense of security.

        <user> I have Norton. My computer is now immune to all viruses.
        (one week later)
        <user> I have a virus, can you fix it?

        I've seen people many times think that because they had Norton or McAfee, that they could do whatever they want without having to worry about getting a virus and act reckless. Open every attachment they get in email, downloading and running random .exes from "FREE!!!!!!!!!" sites, use Internet Explorer, etc.
        • Re: (Score:2, Insightful)

          by nyctopterus (717502)
          I wasn't talking about virus scanners, I was thinking more along the lines that it's very unlikely that the ad did what it said it would do, and much more likely it was study or a joke -- people would guess that before clicking it.
    • Click errors, or pranksters being in an Internet café, in a computer shop, at school, at a "friend's" house, or being employees just about to be fired, who want to adequately "prepare" their PC for their successor.
    • or cache pre-fetch (Score:5, Interesting)

      by jamesh (87723) on Wednesday May 16, 2007 @06:44AM (#19142999)
      Would any aggressive cache pre-fetch engines follow links like this?
    • Re:0,16% (Score:4, Insightful)

      by dour power (764750) on Wednesday May 16, 2007 @07:42AM (#19143243)
      Even those who deliberately clicked on the link could have easily read the text as, "Get it inspected here!" Not an excuse, but certainly understandable. How many /. article postings contain at least one sincere reply of the form, "Am I the only one who read that as...?"
    • Does it matter? I'm sure the virus writers are going to go "hmm, I don't think this person REALLY meant to click on the button to get here, let's not infect him!"

      If people get into trouble because of clumsiness, that's still a valid sample. And if, like Microsoft, you chase any desktop market including the clumsy desktop market, you can't claim that security failures which exploit clumsies somehow don't count.

  • Hmmm (Score:5, Insightful)

    by gordgekko (574109) on Wednesday May 16, 2007 @05:54AM (#19142751) Homepage
    It's news that at least 0.16% of people are idiots? Actually I'm shocked the number was this low. This is actually good news.
    • by belmolis (702863)

      Well, it means that 0.16% are idiots who can read. Unknown hordes of idiots can't read or don't use computers.

    • Re: (Score:2, Interesting)

      by Imaria (975253)
      I was thinking the same thing; this actually bodes far better for common sense than I would have imagined otherwise.
    • Re:Hmmm (Score:5, Insightful)

      by julesh (229690) on Wednesday May 16, 2007 @06:22AM (#19142893)
      Consider that click through rates to a relevant ad are typically less than 3%. This represents 5% of people who would normally click on an advert.
    • Most of the people who actually clicked on it were not idiots but security consultants.
    • by Jugalator (259273)
      The percentage should be adjusted for the ratio of users that click Adwords in the first place though. Perhaps it's no more than 20% or so.
  • statistics (Score:3, Interesting)

    by jonastullus (530101) * on Wednesday May 16, 2007 @05:55AM (#19142755) Homepage
    sorry, couldn't RTFA because the link text was kinda prohibiting.

    the poster makes it sound as if the conclusion from the statistic is something like "oh my god, windows users are sooo dumb". but also quoting the percentage of all users using windows would reveal a prior probability of something in the 90s already. so, assuming that the "experiment" has an error greater 0, the deviation between the prior probability and 98% has almost no significance...
  • Not exactly. (Score:5, Insightful)

    by SolitaryMan (538416) on Wednesday May 16, 2007 @05:59AM (#19142773) Homepage Journal

    The Google Adwords campaign cost $23 in total, which works out to $0.06 per infection had the site actually been malicious."

    Not exactly.

    $0.06 per infection attempt, which is obviously not the same thing.

    • $0.06 per infection attempt, which is obviously not the same thing.
      Not even that. The site had just some boring text on it, no actual virus. So, it didn't even attempt to infect the PC.
  • Oh dear. (Score:3, Interesting)

    by massivefoot (922746) on Wednesday May 16, 2007 @06:03AM (#19142791)
    This just goes to show, not matter how much you warn people they're about to do something really dumb, the still will. How many people do you think read that advert, though "No, it can't possibly mean that..." and then clicked on it to see?
  • Browser stats (Score:4, Interesting)

    by locofungus (179280) on Wednesday May 16, 2007 @06:11AM (#19142825)
    The comments give the browser stats:

    335 - some version of IE
    52 - Some version of Firefox
    5 - other

    That gives Firefox a 15% share.

    Tim.
    • Re: (Score:3, Insightful)

      by Torodung (31985)
      Pretty much reflects total market share almost 1:1. When 90% of the consumer market uses MS as their OS, is it terribly surprising that 85% of consumer *morons* use it?

      --
      Toro
      • by suv4x4 (956391)
        Pretty much reflects total market share almost 1:1. When 90% of the consumer market uses MS as their OS, is it terribly surprising that 85% of consumer *morons* use it?

        There should always someone wrecking a good bashing with some plain logic, isn't there.

        But boring jokes aside, it brings another topic into descussion. What would be the % of infected systems, if that WOULD be a malicious site.

        On a patched up XP or Vista right now, are there active drive-by-downloads you can exploit on IE, Opera, Firefox?
        If s
        • by Torodung (31985)
          Even less dangerous if you're using Lynx! ;^)

          I heartily agree with the spirit and content of your reply. Browsers are safe if configured properly. PEBKAC is the primary vector for most of this stuff, not a software company. ActiveX was an insecure design, as is .NET because of backwards compatibility, but if you whitelist in IE according to this document

          http://www.microsoft.com/athome/security/online/br owsing_safety.mspx [microsoft.com]

          and browse the "Internet Zone," not at "High" as suggested, but with a "Custom" setting
          • Re:Browser stats (Score:4, Insightful)

            by NatasRevol (731260) on Wednesday May 16, 2007 @08:26AM (#19143559) Journal
            Why should I have to work to protect my browser? Or my computer while just *going* to a web site.

            There's such a huge jump in logic there that it just befuddles me that 'configuring properly' is required to use the internet.

            No computer/browser is perfect, but it just makes basic sense to use a computer/browser that starts at a very secure state and allows you to open it up if you want/need. Rather than the other way around.

            <bad car analogy> It's like having to put rear view mirrors on your car after you buy it. </bad car analogy>
    • That gives Firefox a 15% share.
      Not necessarily. It could also mean that Firefox users are more self-confident and thus have a higher probability of clicking on the link, because they know it can't harm them anyways...
      • That gives Firefox a 15% share.

        Not necessarily. It could also mean that Firefox users are more self-confident and thus have a higher probability of clicking on the link, because they know it can't harm them anyways...


        Ha! I was going to suggest that firefox users are more "educated" and less likely to click on a link.

        On the whole though I'd assume that there were the roughly same proportion of idiots in each camp

        Tim.
        • Re:Browser stats (Score:4, Interesting)

          by ArsenneLupin (766289) on Wednesday May 16, 2007 @07:16AM (#19143125)

          Ha! I was going to suggest that firefox users are more "educated" and less likely to click on a link.
          It's not so simple. Their education allows them to know that they should not click on such a link in IE. But it also tells them to run Firefox. While running Firefox, especially on Linux, they would have no risk, and curiosity will win.

          It might be more interesting (but harder to obtain) a statistic broken down not only by the browser which user is currently using, but also by browser which they usually use. Here an "usual Firefox user currently stuck on IE" might be less likely to click on such a link. But such data can unfortunately not be obtained, short of asking user directly.

          Hmmm, and even in that case, the behavior might not be what would be expected. A "usual Firefox user currently stuck on IE" might still click on that link, in order to teach the party who stuck him on IE a lesson... Tricky, tricky...

          On the whole though I'd assume that there were the roughly same proportion of idiots in each camp
          Not necessarily. As shown above, both idiots and smart people might click on the link. But they would do so for different reasons.
  • by gazbo (517111) on Wednesday May 16, 2007 @06:13AM (#19142839)
    Hell, if I saw that link I'd click on it for sure. Well, I might drop to Cygwin and use lynx "just in case", but there's no way I'd not investigate such a link.
  • ONLY? (Score:4, Funny)

    by Opportunist (166417) on Wednesday May 16, 2007 @06:14AM (#19142845)
    0.16%? I'd have guessed far more would click.

    Next time call it "hot chicks with huge tits want to give you some love virus". I predict a /. effect.
  • by Torodung (31985) on Wednesday May 16, 2007 @06:14AM (#19142847) Journal
    I once explained that browser security is almost entirely determined by the user. This proves it. I wouldn't trust that 0.16% with a pocket calculator, let alone a computer!

    You can't write code or design software that will secure "stupid." Firefox and Linux are certainly easier to secure, and they have a better security model, but they aren't idiot proof.

    If those folks were using an abacus, they'd probably get their head stuck in it! <G>

    --
    Toro
  • Malicious intent (Score:2, Interesting)

    by canb (792889)
    I think it might very well be possible that many of those clicks are made from computers that are not owned by the user. Like maybe the school's computer or a friend's (who has wronged you) computer that the user (who has access, but not the know-how of how to infect)would want to harm. So I'd wager that quite a few of those clicks would not qualify as a completely idiotic act.
    • 'I think it might very well be possible that many of those clicks are made from computers that are not owned by the user'

      Without any evidence to the contrary your argument is entirely specious. How do we know they weren't space aliens.

      was Re:Malicious intent (Score:5, excuses~1)
  • Idiots ? (Score:2, Insightful)

    by Anonymous Coward
    Maybe people clicking this link are not so dumb.

    I would say that people clicking "Click here to check if your PC is virus-free !" are more stupid.
    Personally, I wouldn't have clicked the "get infected", but I understand curious people who would because they are confident in their protection and this is kind of joke. When I see "Get your PC infected !", I think "no way, nobody can want this, must be a joke or something".

    Of course, being confident in one's protection and using Windows IS stupid...
  • by QuantumG (50515) <qg@biodome.org> on Wednesday May 16, 2007 @06:21AM (#19142885) Homepage Journal
    sometimes you just like to know that it is working.

    I wonder if average users of AV software look at their "quarantined files" and do a rough calculation of how much each of them cost..

    "Hmm, I paid $60 for AV software this year and I've had a grand total of 4 files quarantined.. that's $12.50 per file."

    I guess not, as 99% of people probably have zero files quarantined, not counting the false positives (I know I do).

    • by suv4x4 (956391)

      I wonder if average users of AV software look at their "quarantined files" and do a rough calculation of how much each of them cost..

      "Hmm, I paid $60 for AV software this year and I've had a grand total of 4 files quarantined.. that's $12.50 per file."


      That puts my life insurance in perspective. I paid hundreds of dollars for it this year, and I've had a grant total of zero deaths. That' uhmm.. division by zero exception per death, I guess.
    • That's the wrong metric though.

      The right one is: Does AV software save more than it costs? Eg, if reimaging a box costs $100, and you've got to fix 50 of them because it spread all around the company and DoSed the network, then paying $60 per year per box(and you should get a MUCH better price than that if you're licensing for 50) is definitely worth it. Sometimes it's something annoying and mostly harmless, but some viruses have really nasty effects. Take Slammer for instance.
    • by seven7h (926826) on Wednesday May 16, 2007 @06:47AM (#19143005)
      Looks like we have a member of the 0.16% here on /.
      $12.50 x 4 = $50
      • No, you're talking about someone who pays 60 bucks a year for AV software--the original calculation stands... ;)
  • by Torodung (31985)
    It is possible that some folks were testing their antivirus/patch status when they clicked? How many of them were loading the web page for forensic analysis?

    Security "white hats" do things like that you know. All those hits could be FBI agents for all we know. ;^)

    --
    Toro
    • Re: (Score:3, Interesting)

      by ben there... (946946)
      If I had seen it I'd click it. Just for the hell of it. Not because I think Firefox is completely invulnerable, but because it has a low probability of infecting me. Best case I cost some moron some money. Worst case I find a hole in Fx. Why not? That is, if I paid any attention whatsoever to Google Ads.
    • 'It is possible that some folks were testing their antivirus/patch status when they clicked?'

      On the other hand it is possible that 100% of Windows users are morons as against 2% for the rest. No one in his right mind would click on a malicious link to test their antivirus/patch status.

      As a test, in your work place, set up a power socket with a sign over it that says 'Testing the ELCB [alibaba.com] system, please insert fingers in socket'. Lets see how many you get.

      Re:This is only a test....
  • From a browser perspective, 52 clicks were Firefox and 335 were IE (added up from TFA). So, 13% of those who clicked were using Firefox. From what I recall, 10-15% of all internet surfers use Firefox... I personally would have suspected a larger proportion of IE users.
  • Huh? (Score:5, Interesting)

    by julesh (229690) on Wednesday May 16, 2007 @06:24AM (#19142901)
    Last time I ran a Google Adwords campaign, they'd drop your advert if you get less than a threshold clickthrough rate. I think it was 0.5%. It was certainly higher than 0.16%. So how did they do this? Have Google dropped that restriction?
    • Re: (Score:3, Informative)

      by simong (32944)
      As far as I can see they'll take your money for as long as you're willing to pay it. Your ad might fall back on to the second page of results but you're paying for the impressions as well as the clicks.
    • by Torodung (31985)
      Three words: "Initial Public Offering"

      --
      Toro
  • by JetScootr (319545) on Wednesday May 16, 2007 @06:25AM (#19142903) Journal
    for not RTFA'ing. Being a true /.er, here's my opinion anyway:
    Microsoft sucks. Users are idiots.
  • by voudras (105736) <voudrasNO@SPAMswiftslayer.org> on Wednesday May 16, 2007 @06:49AM (#19143017)
    My good friend once joked that 95% of users would double click an icon named "ClickMe.EXE", without much thought at all.

    the other 5 percent would right click and select open.

  • Wait.... (Score:3, Funny)

    by ZeroSerenity (923363) <`moc.oohay' `ta' `50camrog'> on Wednesday May 16, 2007 @07:14AM (#19143105) Homepage Journal
    Was this story really submitted by Gates himself?
  • 409 of 259,000 people is a pretty small percentage. How many of those clicks were just accidents where people only read the first sentance? How many were just mac people trying to make windows people look bad?
  • by httpamphibio.us (579491) on Wednesday May 16, 2007 @07:59AM (#19143349)
    He comes into work one day and you can tell by looking at him that he's pissed. He goes into the break room to get ready for the shift so I go back there and ask him what's wrong.

    He says, "I'm need a new ****ing computer."
    I ask why...
    "because the one I have now is too slow. I can't use the web because I get hundreds of popups."
    I tell him that's a pretty easy thing to fix and off to burn a CD and write up some directions for him.
    He tells me that won't work... again, I ask why.
    "Because I'm ****ing sick of Microsoft."
    I tell him I totally understand that, but that his problem with the pop-ups is pretty easy to fix.
    He says, "No, it's not. I click on all the Windows that ask me if I want to remove the viruses from my computer and they are always charging me $20-$40 per virus. I spent almost $400 last week!"

    Another computer savvy employee had joined the conversation by this point and we both looked at each other in complete disbelief. The guy wasn't joking...
  • I'm disappointed.

HELP!!!! I'm being held prisoner in /usr/games/lib!

Working...