Slashdot Mirror

← Back to Stories (view on slashdot.org)

Russian Firm Pays to Infect PCs with Adware

Posted by timothy on from the that's-pleasant dept.

Jaidev writes "Information week is reporting that a Russian site (IframeDollars) is paying web developers 6 cents for each machine they infect with spyware or adware. One security expert estimates that iframeDollars could collect as much as $75,000 annually from the adware it placed on the infected machines during the third week of May, which cost approximately $12,000 in payments to place"

22 of 266 comments (clear)

  1. When spreading malware becomes this obvious by Anonymous Coward · · Score: 3, Insightful
    it needs to be dealt with in a very obvious and unsubtle fashion. The owners if iFrameDollars should be killed, publicly and very bloodily as should anyone who works for the company. This might not satisfy strict due process guarantees (OK, it doesn't) but on the other hand these guys are scum and it's not as if we need a trial to prove this. Killing everyone at iFrameDollars will have the salutary effect of making other idiots who are considering this sort of thing think twice, or perhaps even three or four times about it, before they embark on something so odious.

    1. Re:When spreading malware becomes this obvious by Tim+C · · Score: 3, Insightful

      You'd kill over something like this? Get a sense of perspective.

      --
      It's official. Most of you are morons.
  2. I cant wait... by Wazukkithemaster · · Score: 1, Insightful

    For the obligatory "In Mother Russia..." comments. but how many of the first thousand will be moderated funny? or how about-- dare i say-- insightful? But its alright... they are, after all, obligatory

    --
    Live according to the Categorical Imperative. If the Categorical Imperative tells you not to live by it... ignore it
  3. Tracking? by Mad+Merlin · · Score: 3, Insightful

    How do they track this? I guess their malware/adware calls home as soon as it strikes a target. Perhaps there's a possible weakness in this in that you could just keep infecting a VM and then restoring it to a good image again. Think they'd be smart enough to notice something odd about a million infections from the same IP?

    --
    Game! - Where the stick is mightier than the sword!
    1. Re:Tracking? by mikael · · Score: 3, Insightful

      They would probably consider one IP address as a single sale.

      You could try spoofing false IP addresses, but they would probably be smart enough to have a three stage handshake to make sure the IP address actually existed. Not forgetting checksums to ensure that the whole package was installed. They would probably have this happen every time the machine was switched on/off, in order to know which systems were available for use. And they would probably wait a whole week until they were certain the malware was installed successfully.

      --
      Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
  4. Is this illegal? If not, just the effect of market by icemax · · Score: 2, Insightful

    If adware and spyware is not illegal (although nobody here would argue it is ethical), and there is some monitary value for each PC infected, it was only a matter of time that offers like this would become public. Hopefully market competition will force down the value of each infected PC, making these schemes less inviting.

    --


    __________
    Love conquers all... except CANCER
  5. Where to now ? by morcego · · Score: 2, Insightful

    I was wondering where we are going from here.
    SPAM, Pay-for-xploit. 99% of the web content is pretty much useless.

    Is it possible to claim back the Internet ? Somehow, I don't think so.

    --
    morcego
  6. Re:The Real Question is... by zienth · · Score: 2, Insightful

    Why do you think Microsoft is getting into the anti-virus business? First they single-handedly created a multi-billion dollar market for anti-virus software by creating an OS that's about as secure as cheesecloth, and now they're going to jump in and make more profit by selling anti-virus software.

    It's like a contractor building a house with a leaky roof, and then selling you a tarp to put over it.

    I wish the internet backbone sites would all block traffic to and from IframeDollars. Hmmm, but that's a slippery slope. Next week someone not quit as bad will show up, and where do you draw the line at who to block and who to let be?

    Keith

  7. Re:First post.... by Alex+Belits · · Score: 3, Insightful

    1. US government passes a legislation that destroys a profitable business model.

    2. Saudi Arabia develops a housing program that involves building a large number of igloos.

    I would rather bet on the second one.

    --
    Contrary to the popular belief, there indeed is no God.
  8. Use of affiliate program business as normal by NathanBFH · · Score: 3, Insightful

    This isn't really all that suprising. Business is business, whether it's black, gray, or white market. Affiliate programs work, why wouldn't adware businesses use this method to spread their product? It's interesting to see some estimates on their revenue, however. At first I read the slashdot summary and thought they were talking about $75,000 revenue annually and was surprised that anyone would even bother making adware for such pittly money. But the 'Aha!' moment came when I reread it and saw that's the estimated revenue for one-weeks worth of business. Damn, not too shabby.

  9. Re:They've got me! by Anonymous Coward · · Score: 1, Insightful

    Of that story I think the most disturbing part was that you all took turns putting the same piece of equipment on your dick.

  10. Not only in Russia by AwenAnam · · Score: 2, Insightful

    Recently I was contacted by a friend of mine in the United States who wanted to hire me as a programmer to develope an email borne virus with a certain advertisement payload for one of his clients.

    I graciously declined the offer.

  11. Re:Everybody is satisfied! by Paco23 · · Score: 5, Insightful

    # We have 3 reliable servers with excellent speed Probably not for very long.

  12. Important message to Slashdot editors by atomm1024 · · Score: 2, Insightful

    Make sure you edit out any mentions of Russia from article summaries. That can only lead to at least half of the comments being lame Soviet Russia jokes.

    --
    Signature.
  13. Re:Is this illegal? If not, just the effect of mar by BlogPope · · Score: 2, Insightful

    I suspect they only care if its legal in Russia, and then perhaps only a little.

    --
    My other car is a Popemobile
  14. Re:The web never forgets... by Anonymous Coward · · Score: 1, Insightful

    The data to connect my name, my address, my bank account, my hobbies, etc. to these comments exists on machines over which I have no control. I could name the paths which connect these snippets of information. They are spread over different companies right now, but that doesn't mean they will never be joined and analyzed. The utter insignificance of these comments probably means that nobody will ever care enough to single out this data association, but it still exists.

  15. Re:Isn't capitalism great? by Phixxation · · Score: 2, Insightful

    I agree, but lack of a lock, or lack of a WORKING lock is not part of a "Normal Business Model". Ignorance of the masses doesn't make it "Normal" for a maliceous company to subvert what little security the bank (or computer) may have.

    My point is that because of the complexity of computer hardware and software, combined with its increadible proliferation, makes it very easy for these companies to use their marketing "tools". If they were legit, they woulden't need to "pick the lock". I think we're arguing over terminology here... Security is part of a normal business model, I agree, but unfortunately the general masses are relatively ignorant in regards to this very problematic issue. Until we educate them, they're going to fall prey to this kind of attack. However, it still doesn't make it "Normal" or "Okay" for a BUSINESS to actively exploit the property of others.

    --
    "In a world without walls or fences, who needs Windows or Gates?"
  16. The story left out one very important detail... by ArsenneLupin · · Score: 3, Insightful

    It didn't answer the question: "Where do I sign up?". I've got a couple of thousands of windows users to teach a lesson to, and if I can make some moolah in the process, so the better!

  17. Re:First post.... by Tsunamio · · Score: 3, Insightful

    I'll take that bet. The US (or any other) government doesn't like profitable business models that attack other, even more profitable business models. Napster may have been making a profit, but that doesn't mean the folks in Washington liked it. And that was something that most voters approved of!

    The US government really doesn't like profitable business models from other countries that depend on slowing down our economy (say, by installing malware on all our computers).

  18. Re:MS putting food on other peoples table once aga by Ravatar · · Score: 2, Insightful

    All of these exploits have been patched by Microsoft already. It is the responsibility of the end-user to keep their OS up-to-date. For those too inept, Windows XP SP2 "automatic update" feature is decent i've heard.

  19. Re:Everybody is satisfied! by Elshar · · Score: 2, Insightful

    I'd be suprised if the people they managed to infect even noticed. Or cared as long as their machine was running. Hell, as long as you don't take a damned sledgehammer to their machine, they could honestly care less as long as they:

    - have access to their porn
    - can play solitare/hearts/freecell/minesweeper
    - get & write email
    - open the internet
    - do some 'work' with word/excel

  20. Re:Mod parent up by anubi · · Score: 2, Insightful
    I know its poor form to reply to one's own reply...

    This post presented a vexing moderation problem to me.

    Thing number 1: Refrozen presented a very informative on-topic link.

    Thing number 2: Refrozen also stated nothing wrong with ADWARE, which to me is a very inflammatory troll.

    I consider ANY intrusion and placing of stuff in my machine as malicious mischief, much as I would view anyone coming onto my property and leaving painted ads... aa well as a theft of my time to witness ad and time required to remove it.

    Whether they flip bits or leave paint, they have still altered my property - and stolen my time.

    No way can I condone adware like this - I think about all of us here consider it at least malicious mischief.

    So how do you moderate an informative flamebait?

    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]