Click Here To Infect Your PC!

Email me for FREE viruses writes "Just how many people would click an ad saying "Is your PC virus-free? Get it infected here!"? According to the security researcher who ran that very ad on Google for 6 months, 0.16% (409 of 259,723) would click on it. 98% of those people were running Windows. The Google Adwords campaign cost $23 in total, which works out to $0.06 per infection had the site actually been malicious."

How many slashdotters

Then went and clicked on the link in the article? :P

Re:How many slashdotters

[Ceriel+Nosforit]

You mean amongst the approximately 0.16% who actually RTFA? :o)

Re:How many slashdotters

[simm1701]

Yes but I did it from lynx, on a non priveliged account, on an AIX box - I'd like to have see the malware that would target that!!!

I'm not paranoid!! They are out to get me!!

Re:How many slashdotters

[weighn]

I'm not paranoid!! They are out to get me!! hmm, there's still scope for narrowing the attack surface. I'll snail-mail you a C64 port of Lynx and follow with a MD5 hash to your next door neighbor 2 weeks later ...

Re:How many slashdotters

[Columcille]

That was my thought. Had I seen something like this, chances are I would have clicked it just to see what they were trying to do.

Re:How many slashdotters

[jstretch78]

"Click Here To Infect Your PC!" == "NAKED NAKED NAKED LADIES FREE BEER"

Curiosity killed....wait free beer?

Re:How many slashdotters

[Yvanhoe]

Arguably, you wouldn't want to use Internet Explorer for that. 80% of the visit to the site were made with IE. Here is a quote :

Here is a breakdown: IE 5.5 1
IE 6.0 286
IE 7.0 48
Safari (419.3) 1
Opera 9.01 1
Opera 9.10 1
Firefox 1.0 7
Firefox 1.5.0.7 9
Firefox 1.5.0.8 2
Firefox 1.5.0.9 3
Firefox 2.0 3
Firefox 2.0.0.1 6
Firefox 2.0.0.2 1
Firefox 2.0.0.3 21
SeaMonkey 1.1 2
AdsBot-Google 24

Total 416

Re:How many slashdotters

[GuldKalle]

Well, there is a certain logic to it anyways. Normally when you click a pr0n-link, you get infected with a virus. So if you click a virus-link, you would expect to see porn.

Re:How many slashdotters

[sticky_charris]

Thats why real perverts run linux ;)

Re:How many slashdotters

[Archangel+Michael]

Is this some sort of bizarre form of the Soviet Russia Meme???

Re:How many slashdotters

[gad_zuki!]

Me too. Only 409 people clicked on it, not 400,000. His click-through rate was terrible. As much as we're supposed to mock n00bs here, I wouldnt be surprised if most of these clicks (if not all) were from curious geeks.

It's hardly a surprise

[Xiph]

to tech professionals, that users need clue distributed by bat

Re:It's hardly a surprise

[mrbluze]

It's like sex. People know full well they'll get infected, they click, they get infected, they spend several months or years in denial until their body slows to a crawl.

Re:It's hardly a surprise

[the+unbeliever]

Getting rid of most std's is easier than getting rid of some spyware/viruses...

Consider your average spyware/virus akin to chlamydia or syph, while the really nasty stuff is more like aids/herpes...

Granted, you can't reformat your body and get rid of it, but if you consider a reformat more along the lines of reincarnation...

Re:It's hardly a surprise

[Eivind]

The worst-case scenario are however very significantly different.

Worst-case for a virus-infected windows-machine ? Complete reinstallation. A day lost, hell make it "toss away $1000 machine".

Worst-case for std ? Death.

Not really comparable.

Re:It's hardly a surprise

[repvik]

Worst case isn't "complete reinstall". It's "complete reinstall, and remove BIOS to reflash on another board". There are viruses that reflashes your BIOS rendering your PC unbootable.

Re:It's hardly a surprise

[cornjones]

no, worst case is all of your data compromised, potentially financial/personal etc....

it is possible that this would be worse than death for some (unlikely, but possible)

Sad...

[Max+Romantschuk]

The sad thing is that using something more enticing like "Free boobs this way" would send millions of clueless Joe Windowses your way... All ripe for the picking.

Re:Sad...

[Architect_sasyr]

Which way did you say?

Re:Sad...

[SkyDude]

The sad thing is that using something more enticing like "Free boobs this way" would send millions of clueless Joe Windowses your way... All ripe for the picking.

And of course, no *nix users would EVER do that.....

Re:Sad...

[ZOMFF]

It's true. Free porn is a great way to get people to click on things they usually wouldn't click on. While I was in college about 8 years ago, I set up a porn share from my computer that was password protected. I also included a file called GET_PORN_PASSWORD.EXE which popped up a box with the password. The EXE also installed the client stub for Sub7 (a type of back-orafice program). Since Sub7 was fairly new, none of the antivirus software picked up on it. Over the next 24 hours I had pretty much 8,000 machines that I could fully remote, pull data off of, log key strokes, etc (my personal favorite was opening the cdrom drive and playing a "FEED ME" wave file).

Luckily I was never questioned about the matter and by the time most people caught on, Antivirus definitions were updated to detect the Sub7 stub.

Re:Sad...

[c_forq]

I remember using Sub7 in High School, a friend and I infected an entire computer lab and would mess with random people during our computer literacy class. My favorite tricks were the flipping the monitor image and the matrix-screen thing. It lasted a few months before the anti-virus started detecting and fixing our backdoor. A couple years after I graduated a kid was expelled from my school for doing about the same thing, so I'm glad we were never caught.

0,16%

[JanneM]

At a click rate of 0,16% - about one in 600 - I have to wonder if not a fairly large portion is simple click errors. You intend to click on some other link nearby on the page but by mistake click that one instead. There's several kind of interaction slips just like that that we do in other circumstances after all.

Re:0,16%

[dour+power]

Even those who deliberately clicked on the link could have easily read the text as, "Get it inspected here!" Not an excuse, but certainly understandable. How many /. article postings contain at least one sincere reply of the form, "Am I the only one who read that as...?"

Hmmm

[gordgekko]

It's news that at least 0.16% of people are idiots? Actually I'm shocked the number was this low. This is actually good news.

Re:Hmmm

[Imaria]

I was thinking the same thing; this actually bodes far better for common sense than I would have imagined otherwise.

Re:Hmmm

[julesh]

Consider that click through rates to a relevant ad are typically less than 3%. This represents 5% of people who would normally click on an advert.

statistics

[jonastullus]

sorry, couldn't RTFA because the link text was kinda prohibiting.

the poster makes it sound as if the conclusion from the statistic is something like "oh my god, windows users are sooo dumb". but also quoting the percentage of all users using windows would reveal a prior probability of something in the 90s already. so, assuming that the "experiment" has an error greater 0, the deviation between the prior probability and 98% has almost no significance...

Re:statistics

[richlv]

i was reading that more as "no, that was not linux users clicking the link for fun". i mean, i would click on such a link ;)

Not exactly.

[SolitaryMan]

The Google Adwords campaign cost $23 in total, which works out to $0.06 per infection had the site actually been malicious."

Not exactly.

$0.06 per infection attempt, which is obviously not the same thing.

Oh dear.

[massivefoot]

This just goes to show, not matter how much you warn people they're about to do something really dumb, the still will. How many people do you think read that advert, though "No, it can't possibly mean that..." and then clicked on it to see?

Re:Oh dear.

[nurb432]

Or how many people thought ' it cant happen to me, as im protected ', but were still curious what the page was about.

Underserved group

[Nymz]

At a click rate of 0,16% - about one in 600 - I have to wonder if not a fairly large portion is simple click errors.

At first I thought the same thing, just random misclicks. But then it hit me, there are a large number of users on the internet that don't have the know-how to install a virus on a computer of someone they hate, like an uppity coworker.

Imagine a bussiness model that would allow anyone to simply 1-click and install a virus (not a feature, those are patentable). Revenue would be generated with advertisments downloaded by the trojan, that would popup at random times on the victims computer. In essence, the victim would have to pay for the service. Brilliant!

Re:Underserved group

[Gordonjcp]

For the Debian users, it's easy: http://debianplanet.org/?from=405

Re:0,16% Mac/Linux users

[nyctopterus]

And of that tiny percentage how many were Windows users taking the fairly safe bet that the ad didn't do what it said?

Browser stats

[locofungus]

The comments give the browser stats:

335 - some version of IE
52 - Some version of Firefox
5 - other

That gives Firefox a 15% share.

Tim.

Re:Browser stats

[Torodung]

Pretty much reflects total market share almost 1:1. When 90% of the consumer market uses MS as their OS, is it terribly surprising that 85% of consumer *morons* use it?

--
Toro

Re:Browser stats

[ArsenneLupin]

Ha! I was going to suggest that firefox users are more "educated" and less likely to click on a link. It's not so simple. Their education allows them to know that they should not click on such a link in IE. But it also tells them to run Firefox. While running Firefox, especially on Linux, they would have no risk, and curiosity will win.

It might be more interesting (but harder to obtain) a statistic broken down not only by the browser which user is currently using, but also by browser which they usually use. Here an "usual Firefox user currently stuck on IE" might be less likely to click on such a link. But such data can unfortunately not be obtained, short of asking user directly.

Hmmm, and even in that case, the behavior might not be what would be expected. A "usual Firefox user currently stuck on IE" might still click on that link, in order to teach the party who stuck him on IE a lesson... Tricky, tricky...

On the whole though I'd assume that there were the roughly same proportion of idiots in each camp Not necessarily. As shown above, both idiots and smart people might click on the link. But they would do so for different reasons.

Re:Browser stats

[NatasRevol]

Why should I have to work to protect my browser? Or my computer while just *going* to a web site.

There's such a huge jump in logic there that it just befuddles me that 'configuring properly' is required to use the internet.

No computer/browser is perfect, but it just makes basic sense to use a computer/browser that starts at a very secure state and allows you to open it up if you want/need. Rather than the other way around.

<bad car analogy> It's like having to put rear view mirrors on your car after you buy it. </bad car analogy>

Doesn't really mean much

[gazbo]

Hell, if I saw that link I'd click on it for sure. Well, I might drop to Cygwin and use lynx "just in case", but there's no way I'd not investigate such a link.

ONLY?

[Opportunist]

0.16%? I'd have guessed far more would click.

Next time call it "hot chicks with huge tits want to give you some love virus". I predict a /. effect.

Why does it matter what OS they were using?

[Torodung]

I once explained that browser security is almost entirely determined by the user. This proves it. I wouldn't trust that 0.16% with a pocket calculator, let alone a computer!

You can't write code or design software that will secure "stupid." Firefox and Linux are certainly easier to secure, and they have a better security model, but they aren't idiot proof.

If those folks were using an abacus, they'd probably get their head stuck in it! <G>

--
Toro

Re:Why does it matter what OS they were using?

[Faylone]

I believe you're looking for http://seenonslash.com/

Malicious intent

[canb]

I think it might very well be possible that many of those clicks are made from computers that are not owned by the user. Like maybe the school's computer or a friend's (who has wronged you) computer that the user (who has access, but not the know-how of how to infect)would want to harm. So I'd wager that quite a few of those clicks would not qualify as a completely idiotic act.

Idiots ?

Maybe people clicking this link are not so dumb.

I would say that people clicking "Click here to check if your PC is virus-free !" are more stupid.
Personally, I wouldn't have clicked the "get infected", but I understand curious people who would because they are confident in their protection and this is kind of joke. When I see "Get your PC infected !", I think "no way, nobody can want this, must be a joke or something".

Of course, being confident in one's protection and using Windows IS stupid...

Time for a crusade!

[mrbluze]

Getting rid of most std's is easier than getting rid of some spyware/viruses...

We need to go on a crusade to teach people how to surf porn safely, such as avoiding using a firewall on a microsoftie, but to make sure you have a hardened system first!

Re:Time for a crusade!

[ronanbear]

If you had a hardened system first then porn wouldn't be as useful.

You pay all this money for AV software..

[QuantumG]

sometimes you just like to know that it is working.

I wonder if average users of AV software look at their "quarantined files" and do a rough calculation of how much each of them cost..

"Hmm, I paid $60 for AV software this year and I've had a grand total of 4 files quarantined.. that's $12.50 per file."

I guess not, as 99% of people probably have zero files quarantined, not counting the false positives (I know I do).

Re:You pay all this money for AV software..

[seven7h]

Looks like we have a member of the 0.16% here on /.
$12.50 x 4 = $50

This is only a test....

[Torodung]

It is possible that some folks were testing their antivirus/patch status when they clicked? How many of them were loading the web page for forensic analysis?

Security "white hats" do things like that you know. All those hits could be FBI agents for all we know. ;^)

--
Toro

Re:This is only a test....

[ben+there...]

If I had seen it I'd click it. Just for the hell of it. Not because I think Firefox is completely invulnerable, but because it has a low probability of infecting me. Best case I cost some moron some money. Worst case I find a hole in Fx. Why not? That is, if I paid any attention whatsoever to Google Ads.

summing up the numbers..

[anonymous_but_brave]

From a browser perspective, 52 clicks were Firefox and 335 were IE (added up from TFA). So, 13% of those who clicked were using Firefox. From what I recall, 10-15% of all internet surfers use Firefox... I personally would have suspected a larger proportion of IE users.

Huh?

[julesh]

Last time I ran a Google Adwords campaign, they'd drop your advert if you get less than a threshold clickthrough rate. I think it was 0.5%. It was certainly higher than 0.16%. So how did they do this? Have Google dropped that restriction?

Re:Huh?

[simong]

As far as I can see they'll take your money for as long as you're willing to pay it. Your ad might fall back on to the second page of results but you're paying for the impressions as well as the clicks.

For once I have an excuse...

[JetScootr]

for not RTFA'ing. Being a true /.er, here's my opinion anyway:
Microsoft sucks. Users are idiots.

or cache pre-fetch

[jamesh]

Would any aggressive cache pre-fetch engines follow links like this?

click_me.exe

[voudras]

My good friend once joked that 95% of users would double click an icon named "ClickMe.EXE", without much thought at all.

the other 5 percent would right click and select open.

Badsense

[Dogtanian]

The sad thing is that using something more enticing like "Free boobs this way" would send millions of clueless Joe Windowses your way... I can see the advert now:-

Free boobies for all!
Cute booby chicks for your delectation! aff
en.wikipedia.org

Re:Badsense

[hotdiggitydawg]

The sad thing is that using something more enticing like "Free boobs this way" would send millions of clueless Joe Windowses your way... I can see the advert now:-

Free boobies for all!

Cute booby chicks for your delectation! aff

en.wikipedia.org Don't forget the penduline tits! And of course for those with more, erm, "eccentric" tastes, there's also tits of the bearded variety...

specious argument ..

[rs232]

'I think it might very well be possible that many of those clicks are made from computers that are not owned by the user'

Without any evidence to the contrary your argument is entirely specious. How do we know they weren't space aliens.

was Re:Malicious intent (Score:5, excuses~1)

Wait....

[ZeroSerenity]

Was this story really submitted by Gates himself?

Re:Goatse!

just the once

Re:0,16% Mac/Linux users

[Zonk+(troll)]

Virus scanners create a false sense of security.

<user> I have Norton. My computer is now immune to all viruses.
(one week later)
<user> I have a virus, can you fix it?

I've seen people many times think that because they had Norton or McAfee, that they could do whatever they want without having to worry about getting a virus and act reckless. Open every attachment they get in email, downloading and running random .exes from "FREE!!!!!!!!!" sites, use Internet Explorer, etc.

Re:0,16% Mac/Linux users

[nyctopterus]

I wasn't talking about virus scanners, I was thinking more along the lines that it's very unlikely that the ad did what it said it would do, and much more likely it was study or a joke -- people would guess that before clicking it.

I worked with a guy...

[httpamphibio.us]

He comes into work one day and you can tell by looking at him that he's pissed. He goes into the break room to get ready for the shift so I go back there and ask him what's wrong.

He says, "I'm need a new ****ing computer."
I ask why...
"because the one I have now is too slow. I can't use the web because I get hundreds of popups."
I tell him that's a pretty easy thing to fix and off to burn a CD and write up some directions for him.
He tells me that won't work... again, I ask why.
"Because I'm ****ing sick of Microsoft."
I tell him I totally understand that, but that his problem with the pop-ups is pretty easy to fix.
He says, "No, it's not. I click on all the Windows that ask me if I want to remove the viruses from my computer and they are always charging me $20-$40 per virus. I spent almost $400 last week!"

Another computer savvy employee had joined the conversation by this point and we both looked at each other in complete disbelief. The guy wasn't joking...

My PC is still virus-free?

[nickspoon]

I'm disappointed.

Re:Attempted Infection == Infection

[ajs318]

Yes, but if you didn't know what it was or whether it was safe, you wouldn't click it in your browser, would you? You'd use netcat. For example, if the link goes to http://somesite.someisp.cc/some/long/filename.ext? query_string then you'd need to do

echo -e "GET /some/long/filename.ext?query_string HTTP/1.1\nHost: somesite.someisp.cc\n" | nc somesite.someisp.cc 80

which will dump the raw HTTP response onto STDOUT. And that's safe because you can't muck anything up by printing to the screen (well, you might get unlucky and have some weirdy escape code sequence turn off echo or redefine the entire character set or beep incessantly; but the whole beauty of xterm windows is that you can always close one forcibly if you have to).

And then, if and only if it looks safe, you can use wget http://somesite.someisp.cc/some/long/filename.ext to download it for investigation.

Bogus because it's flawed

[hexed_2050]

The tester did not take into account that his/her ad will also appear on 3rd party websites which the owner stands to make money from. There are many groups that take advantage of ads being displayed on their own 'ring of websites' and will generate fraud clicks no matter what the title/description of the ad displayed.

Example:

Joe runs a website. Joe decides he wants some income for his website and signs up for Google Adsense which displays contextual Google ads on his website. Google gives Joe a percentage of the revenue (30-40%?!-google doesn't tell exactly how much.) Joe decides to get some of his friends to click on his ads to boost his monthly revenue. Joe makes more money, and the ad gets more clicks. Advertisers have no idea that Joe is falsely generating clicks and will happily pay Google for the clicks, which in turn Google pays Joe his dividends as well.

Now if the tester turned off the ability to have his ads displayed on 3rd party websites, then the test would carry a bit more ground.

I'm not saying people aren't dumb enough to click on the ad, I'm just bringing up a valid point that exists in web advertising everywhere, especially Google (even they will tell you that their fraud systems will catch the persons 100% of the time - lol)

h

Re:Attempted Infection == Infection

[ColdWetDog]

Oh no, that's much too complex. I just click on the little blue "E". Works every time.

I think I was the Safari user.

[Gary+W.+Longsine]

Performed for curiousity sake from a test system, re-imaged shortly thereafter.

I wonder how many of the IE hits are from ad-clicking bots pretending to be IE. I think those things do some amount of random ad poking, to hide their tracks.

Re:Analogy

[Monsieur_F]

Like the girl who was sweeping and accidentally smashed her hand through a window.

This is why people should stop using windows!

Re:Goatse!

[mstahl]

Anonymous cowards don't need karma, and first posts don't need high visibility. I see it more as a mod point that got wasted for no good reason than an opportunity to reward someone for posting goatse.

Yes, they are comparable.

[Shadowlore]

For most users, yes that is among the worst, though not the worst.

Worse than reinstall: Having your private records emailed to others

Especially if your private records are government espionage records. Say your machine had a document you were preparing for your superiors detailing activities of some of your undercover intelligence operatives in foreign countries. Say the computer infection sent that information out. Worst case under this scenario: death of your agents, and death of your fellow citizens as they get slaughtered due to your government not knowing the details of an impending attack. Indeed, in this worse-case scenario the fatal STD is the minor incident since potentially thousands or even millions could be killed as a result of your machine getting sick.

What if your personal files were mailed out and the information in them led to the death of yourself or another? Say you had incriminating information that if others found out they may get violent over? What if that was emailed out.

I've seen this scenario on a less-than-fatal happen. I've seen people's Windows PCs get infected and their personal financial records emailed out to everyone in their address book.

What if your Windows Mobile device gets a virus on it locking your phone - preventing you from placing that call to 911? You or others (or both) could die from not having emergency medical arrive in time, if at all.

Most STDs are not fatal, even if untreated. Most Windows machine infections are not fatal, even if treated. But to say that they can not be is to not look at the potential or to consider the extent of which computers are integrated into our lives.