Slashdot Mirror

← Back to Stories (view on slashdot.org)

Russian Firm Pays to Infect PCs with Adware

Posted by timothy on from the that's-pleasant dept.

Jaidev writes "Information week is reporting that a Russian site (IframeDollars) is paying web developers 6 cents for each machine they infect with spyware or adware. One security expert estimates that iframeDollars could collect as much as $75,000 annually from the adware it placed on the infected machines during the third week of May, which cost approximately $12,000 in payments to place"

13 of 266 comments (clear)

  1. SANS Internet Storm Center already reported this by Anonymous Coward · · Score: 3, Informative

    SANS Internet Storm Center reported this issue more than a fortnight ago.

  2. Prevention by kschawel · · Score: 4, Informative

    First of all, this exploits holes that already have patches on Windows systems:

    The code exploits a number of patched Windows and Internet Explorer vulnerabilities, including some that go back as far as 2002. Systems that haven't been updated would be vulnerable to the exploit.

    So patch and you'll be fine. Second, if you don't want to patch, you can just block this company's IP:

    According to the Internet Storm Center, companies can prevent the downloading of adware and spyware from iframeDollars' servers by blocking the IP address 81.222.131.59.

    1. Re:Prevention by Baron_Yam · · Score: 4, Informative

      So what if everyone here started clicking here?

      Is it morally acceptable to launch a preemptive strike when you absolutely, positively know the bastard is attacking you? Given that I get a timeout when I click on that link, I'd guess many people have already said, "Yes".

    2. Re:Prevention by Baron_Yam · · Score: 4, Informative

      Oh, and since going to iframedollars.com or iframedollars.biz takes you to 195.95.218.170 and not the address mentioned in the parent post, you might want to click on the link above a few times as well.

    3. Re:Prevention by radish · · Score: 3, Informative

      Judging by what's happening for me right now, putting a bogus id in the form to the left of that page hits their server rather hard. Hasn't come back yet and it's been over a minute. Doesn't increase their hosting costs, but maybe we can cause a meltdown in the database ;)

      Oops, I appear to have just started 20 request threads on their app server. My mistake.

      --

      ---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"

  3. Re:Tracking? by Anonymous Coward · · Score: 1, Informative

    As usual in the ad business, they pay for unique "contacts" only, so repeated infections reported from the same IP don't count.

    Don't try to fool Russian crime. They have the experience and don't like being played.

    There is another reason why people need to learn that its best to steer clear of shady practices. The web never forgets and if you're not found out today your deeds will still be recorded and associated with your name in the future. Unless you've accumulated enough money by then, you will have ruined your future.

  4. Re:Is this illegal? If not, just the effect of mar by Tim+C · · Score: 2, Informative

    Well, here in the UK installing stuff on my PC without my consent would be illegal under the Computer Misuse Act. I'd be amazed if there wasn't a similar law in your jurisdiction.

    Bottom line - I doubt very much indeed that this is legal in most countries.

    --
    It's official. Most of you are morons.
  5. Re:I will pay by Anonymous Coward · · Score: 2, Informative

    they are actually a canadian company 180solutions who own CDT who own loudmarketing who own windupdates.com whos software is the actual stuff that gets installed, iframedollarz is just a middleman

  6. LoudCASH? by Refrozen · · Score: 1, Informative

    LoudCASH! a "reputable" company does the same thing? There is nothing wrong with ADWARE, spyware is the bad stuff. All adware does is, well, show ads.

  7. Re:Igloos in Saudi Arabia? by Anonymous Coward · · Score: 1, Informative

    In Inuit the word "iglu" not "igloo" means house, however the parent-poster wasn't speaking Inuit. The parent poster was speaking English, and in English the word "igloo" means "an Eskimo house built of blocks of snow and ice in the shape of a dome for temporary purposes".

  8. Re:Honeypot browser by Anonymous Coward · · Score: 1, Informative

    So, somebody just write a program that sends GET requests with a spoofed IP address in the header.

  9. Re:Honeypot browser by SacredNaCl · · Score: 3, Informative

    Apparently these folks can be reached at:

    ICQ: 291994264

    and

    traff@mail.com

    I sure wouldn't want anyone spamming them, or contacting them with complaints and wasting their time like they waste mine having to remove their garbage...

    --
    Freedom is merely privilege extended unless enjoyed by one and all.
  10. Re:in soviet russia by kryptkpr · · Score: 3, Informative

    Sure.

    It was all started by Russian-board comedian Yakov Smirnoff.

    The original (and most funny version) of this joke was "In California, you can always find a party. In Soviet Russia, the Party can always find you!".

    I think it was the family guy episode that really popularized it though.. read the wikipedia article I linked for more info.

    --
    DJ kRYPT's Free MP3s!