New Click-Fraud Attack Is Stealthiest Yet 99
An anonymous reader sends news from The Washington Post's Security Fix blog of a new Trojan horse program that takes click fraud to the next level. The Trojan, dubbed FFsearcher by SecureWorks, was among the pieces of malware installed by sites hacked with the Nine-Ball mass compromise, which attacked some 40,000 Web sites this month. The Trojan takes advantage of Google's "AdSense for Search" API, which allows Web sites to embed Google search results alongside the usual Google AdSense ads. (SecureWorks' writeup indicates that Yahoo search is targeted too, but the researchers saw no evidence if the malware redirecting Yahoo searches.) While most search hijackers give themselves away on the victim's machine by redirecting the browser through some no-name search engine, FFsearcher "...converts every search a victim makes through Google.com, so that each query is invisibly redirected through the attackers' own Web sites, via Google's Custom Search API. Meanwhile, the Trojan manipulates the victim's PC and browser so that the victim never actually sees the attacker-controlled Web site that is hijacking the search, but instead sees the search results as though they were returned directly from Google.com (and with Google.com in the victim browser's address bar, not the address of the attacker controlled site). Adding to the stealth is the fact that search results themselves aren't altered by the attackers, who are merely going after the referral payments should victims click on any of the displayed ads. What's more, the attackers aren't diverting clicks or ad revenue away from advertisers or publishers, as in traditional click fraud: They are simply forcing Google to pay commissions that it wouldn't otherwise have to pay." If FFSearcher were the only piece of malware on the machine, it would have a better chance of staying under the radar.
Nine-ball? (Score:3, Insightful)
Re:The flaw in their foolproof plan (Score:1, Insightful)
I would not in a million years click on adds in most sites (those that get past addblock et al, that is), as they're usually about as helpful and legit looking as the used car salesman guy advertising the steak knife cheese juicer on late-night TV.
But... google adds are small, typically unintrusive and sometimes (*shock* *horror*) relevant and even helpful. So yeah, I will click on one or two every now and then.
Re:Serves Google right... (Score:3, Insightful)
"and it's not fair (nor should it be legal!) to penalize that person for clicks outside their control"
If you own a dog, you're responsible for it. If you own a car, you're responsible for it. If you own a computer, you're not responsible?
Cry us a river - - -