Slashdot Mirror

← Back to Stories (view on slashdot.org)

Click Here To Infect Your PC!

Posted by kdawson on from the proving-a-point dept.

Email me for FREE viruses writes "Just how many people would click an ad saying "Is your PC virus-free? Get it infected here!"? According to the security researcher who ran that very ad on Google for 6 months, 0.16% (409 of 259,723) would click on it. 98% of those people were running Windows. The Google Adwords campaign cost $23 in total, which works out to $0.06 per infection had the site actually been malicious."

30 of 215 comments (clear)

  1. How many slashdotters by Anonymous Coward · · Score: 5, Funny

    Then went and clicked on the link in the article? :P

    1. Re:How many slashdotters by Ceriel+Nosforit · · Score: 5, Funny

      You mean amongst the approximately 0.16% who actually RTFA? :o)

      --
      All rites reversed 2010
    2. Re:How many slashdotters by simm1701 · · Score: 4, Funny

      Yes but I did it from lynx, on a non priveliged account, on an AIX box - I'd like to have see the malware that would target that!!!

      I'm not paranoid!! They are out to get me!!

      --
      $_="Slashdotter";$syn="OTT";s;..;;;sub _{print shift||$_};s!ash!Perl !;s=$syn=ack=i;tr+LLEd+BLAH+;_"Just Another ";_
    3. Re:How many slashdotters by jstretch78 · · Score: 5, Funny

      "Click Here To Infect Your PC!" == "NAKED NAKED NAKED LADIES FREE BEER"

      Curiosity killed....wait free beer?

    4. Re:How many slashdotters by Yvanhoe · · Score: 4, Informative
      Arguably, you wouldn't want to use Internet Explorer for that. 80% of the visit to the site were made with IE. Here is a quote :

      Here is a breakdown: IE 5.5 1
      IE 6.0 286
      IE 7.0 48
      Safari (419.3) 1
      Opera 9.01 1
      Opera 9.10 1
      Firefox 1.0 7
      Firefox 1.5.0.7 9
      Firefox 1.5.0.8 2
      Firefox 1.5.0.9 3
      Firefox 2.0 3
      Firefox 2.0.0.1 6
      Firefox 2.0.0.2 1
      Firefox 2.0.0.3 21
      SeaMonkey 1.1 2
      AdsBot-Google 24

      Total 416
      --
      The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
    5. Re:How many slashdotters by GuldKalle · · Score: 5, Funny

      Well, there is a certain logic to it anyways. Normally when you click a pr0n-link, you get infected with a virus. So if you click a virus-link, you would expect to see porn.

      --
      What?
    6. Re:How many slashdotters by sticky_charris · · Score: 4, Funny

      Thats why real perverts run linux ;)

  2. It's hardly a surprise by Xiph · · Score: 4, Funny

    to tech professionals, that users need clue distributed by bat

    --
    Blah blah sig blah blah blah irony blah blah
    1. Re:It's hardly a surprise by the+unbeliever · · Score: 4, Funny

      Getting rid of most std's is easier than getting rid of some spyware/viruses...

      Consider your average spyware/virus akin to chlamydia or syph, while the really nasty stuff is more like aids/herpes...

      Granted, you can't reformat your body and get rid of it, but if you consider a reformat more along the lines of reincarnation...

    2. Re:It's hardly a surprise by Eivind · · Score: 4, Insightful
      The worst-case scenario are however very significantly different.

      Worst-case for a virus-infected windows-machine ? Complete reinstallation. A day lost, hell make it "toss away $1000 machine".

      Worst-case for std ? Death.

      Not really comparable.

  3. 0,16% by JanneM · · Score: 5, Insightful

    At a click rate of 0,16% - about one in 600 - I have to wonder if not a fairly large portion is simple click errors. You intend to click on some other link nearby on the page but by mistake click that one instead. There's several kind of interaction slips just like that that we do in other circumstances after all.

    --
    Trust the Computer. The Computer is your friend.
    1. Re:0,16% by dour+power · · Score: 4, Insightful

      Even those who deliberately clicked on the link could have easily read the text as, "Get it inspected here!" Not an excuse, but certainly understandable. How many /. article postings contain at least one sincere reply of the form, "Am I the only one who read that as...?"

  4. Hmmm by gordgekko · · Score: 5, Insightful

    It's news that at least 0.16% of people are idiots? Actually I'm shocked the number was this low. This is actually good news.

    --
    You want to know who isn't running Firefox 2.x? They spell it "definately" and "rediculous".
    1. Re:Hmmm by julesh · · Score: 4, Insightful

      Consider that click through rates to a relevant ad are typically less than 3%. This represents 5% of people who would normally click on an advert.

  5. Not exactly. by SolitaryMan · · Score: 4, Insightful

    The Google Adwords campaign cost $23 in total, which works out to $0.06 per infection had the site actually been malicious."

    Not exactly.

    $0.06 per infection attempt, which is obviously not the same thing.

    --
    May Peace Prevail On Earth
  6. Re:Sad... by Architect_sasyr · · Score: 4, Funny

    Which way did you say?

    --
    Me failed English...
    FreeBSD over Linux. If my comments seem odd, this may explain...
  7. Underserved group by Nymz · · Score: 5, Interesting

    At a click rate of 0,16% - about one in 600 - I have to wonder if not a fairly large portion is simple click errors.

    At first I thought the same thing, just random misclicks. But then it hit me, there are a large number of users on the internet that don't have the know-how to install a virus on a computer of someone they hate, like an uppity coworker.

    Imagine a bussiness model that would allow anyone to simply 1-click and install a virus (not a feature, those are patentable). Revenue would be generated with advertisments downloaded by the trojan, that would popup at random times on the victims computer. In essence, the victim would have to pay for the service. Brilliant!
  8. Re:0,16% Mac/Linux users by nyctopterus · · Score: 4, Insightful

    And of that tiny percentage how many were Windows users taking the fairly safe bet that the ad didn't do what it said?

  9. Doesn't really mean much by gazbo · · Score: 5, Insightful

    Hell, if I saw that link I'd click on it for sure. Well, I might drop to Cygwin and use lynx "just in case", but there's no way I'd not investigate such a link.

  10. Why does it matter what OS they were using? by Torodung · · Score: 5, Insightful

    I once explained that browser security is almost entirely determined by the user. This proves it. I wouldn't trust that 0.16% with a pocket calculator, let alone a computer!

    You can't write code or design software that will secure "stupid." Firefox and Linux are certainly easier to secure, and they have a better security model, but they aren't idiot proof.

    If those folks were using an abacus, they'd probably get their head stuck in it! <G>

    --
    Toro

  11. Huh? by julesh · · Score: 4, Interesting

    Last time I ran a Google Adwords campaign, they'd drop your advert if you get less than a threshold clickthrough rate. I think it was 0.5%. It was certainly higher than 0.16%. So how did they do this? Have Google dropped that restriction?

  12. Re:Time for a crusade! by ronanbear · · Score: 4, Funny

    If you had a hardened system first then porn wouldn't be as useful.

    --
    the more they over-think the plumbing the easier it is to stop up the pipe
  13. or cache pre-fetch by jamesh · · Score: 4, Interesting

    Would any aggressive cache pre-fetch engines follow links like this?

  14. Re:You pay all this money for AV software.. by seven7h · · Score: 5, Funny

    Looks like we have a member of the 0.16% here on /.
    $12.50 x 4 = $50

  15. click_me.exe by voudras · · Score: 4, Funny

    My good friend once joked that 95% of users would double click an icon named "ClickMe.EXE", without much thought at all.

    the other 5 percent would right click and select open.

  16. Badsense by Dogtanian · · Score: 4, Funny

    The sad thing is that using something more enticing like "Free boobs this way" would send millions of clueless Joe Windowses your way... I can see the advert now:-

    Free boobies for all!
    Cute booby chicks for your delectation! aff
    en.wikipedia.org
    --
    "Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
  17. I worked with a guy... by httpamphibio.us · · Score: 5, Interesting

    He comes into work one day and you can tell by looking at him that he's pissed. He goes into the break room to get ready for the shift so I go back there and ask him what's wrong.

    He says, "I'm need a new ****ing computer."
    I ask why...
    "because the one I have now is too slow. I can't use the web because I get hundreds of popups."
    I tell him that's a pretty easy thing to fix and off to burn a CD and write up some directions for him.
    He tells me that won't work... again, I ask why.
    "Because I'm ****ing sick of Microsoft."
    I tell him I totally understand that, but that his problem with the pop-ups is pretty easy to fix.
    He says, "No, it's not. I click on all the Windows that ask me if I want to remove the viruses from my computer and they are always charging me $20-$40 per virus. I spent almost $400 last week!"

    Another computer savvy employee had joined the conversation by this point and we both looked at each other in complete disbelief. The guy wasn't joking...

    --
    sig.
  18. Re:Attempted Infection == Infection by ajs318 · · Score: 4, Insightful
    Yes, but if you didn't know what it was or whether it was safe, you wouldn't click it in your browser, would you? You'd use netcat. For example, if the link goes to http://somesite.someisp.cc/some/long/filename.ext? query_string then you'd need to do

    echo -e "GET /some/long/filename.ext?query_string HTTP/1.1\nHost: somesite.someisp.cc\n" | nc somesite.someisp.cc 80
    which will dump the raw HTTP response onto STDOUT. And that's safe because you can't muck anything up by printing to the screen (well, you might get unlucky and have some weirdy escape code sequence turn off echo or redefine the entire character set or beep incessantly; but the whole beauty of xterm windows is that you can always close one forcibly if you have to).

    And then, if and only if it looks safe, you can use wget http://somesite.someisp.cc/some/long/filename.ext to download it for investigation.
    --
    Je fume. Tu fumes. Nous fûmes!
  19. Re:Sad... by ZOMFF · · Score: 5, Funny

    It's true. Free porn is a great way to get people to click on things they usually wouldn't click on. While I was in college about 8 years ago, I set up a porn share from my computer that was password protected. I also included a file called GET_PORN_PASSWORD.EXE which popped up a box with the password. The EXE also installed the client stub for Sub7 (a type of back-orafice program). Since Sub7 was fairly new, none of the antivirus software picked up on it. Over the next 24 hours I had pretty much 8,000 machines that I could fully remote, pull data off of, log key strokes, etc (my personal favorite was opening the cdrom drive and playing a "FEED ME" wave file).

    Luckily I was never questioned about the matter and by the time most people caught on, Antivirus definitions were updated to detect the Sub7 stub.

    --
    Launch every sig.
  20. Re:Attempted Infection == Infection by ColdWetDog · · Score: 4, Funny

    Oh no, that's much too complex. I just click on the little blue "E". Works every time.

    --
    Faster! Faster! Faster would be better!