Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bahama Botnet Stealing Traffic From Google

Posted by timothy on from the now-that's-offsides dept.

itwbennett writes "'As part of its design, the Bahama botnet not only turns ordinary, legitimate PCs into click-fraud perpetrators that dilute the effectiveness of ad campaigns. It also modifies the way these PCs locate certain Web sites through DNS poisoning,' explains Juan Carlos Perez in an ITworld article. 'In the case of Google.com, compromised machines take their users to a fake page hosted in Canada that looks just like the real Google page and even returns results for queries entered into its search box. It's not clear where the Canadian server gets these results. What is evident is that the results aren't 'organic' direct links to their destinations, but are instead masked cost-per-click (CPC) ads that get routed through other ad networks or parked domains, some of which are in on the scam and some of which aren't.' 'Regardless, CPC fees are generated, advertisers pay, and click fraud has occurred,' Click Forensics reported on Thursday in a blog posting." Related: Techcrunch reports on a massive Chinese click-fraud ring controlling 200,000 IP addresses.

12 of 52 comments (clear)

  1. Yay Click Fraud by rwv · · Score: 3, Interesting

    Because having retailers pay for ads that will never generate sales is the only way to make them realize that it's not worth it to advertise in the first place.

    As an aside, I'm looking forward to the new US blog rules that go into effect in a month that state bloggers need to say if they are getting paid to promote a product.

    1. Re:Yay Click Fraud by iYk6 · · Score: 3, Insightful

      That's one potential outcome. I think it is more likely that advertising will just be worth less, and so ad based web sites will make less money per advertisement, and will need to show more advertisements to stay in business.

      Fraud has been going on for a long time. This isn't new, and isn't going to change anything.

    2. Re:Yay Click Fraud by graphius · · Score: 2, Insightful

      While some ads are obnoxious and annoying, advertising is an important part of competition and capitalism. The old adage of build a better mousetrap and the world will beat a path to your door is completely false. flamebate The dominant operating system is not necessarily dominant because it is the best on the market /flamebate
      Having said that, the cost per click model is completely outdated. It is only to the advantage of the advertising companies. It makes much more sense to have a flat fee. Radio and television ad costs are based on the size of the projected market (determined through various means) not directly on who is listening/watching any particular ad at any one time. In other words, a business pays for a TV ad regardless of whether you hop in your car and drive immediately down to the QuickieMart to pick up a soft drink...
      I think one step in getting less annoying Internet ads is to dispense with the concept that they are only worth something if you can coerce/convince someone to click on the ad. Rather, ads are used to build your reputation and increase familiarity.

    3. Re:Yay Click Fraud by rwv · · Score: 3, Interesting

      Rather, ads are used to build your reputation and increase familiarity.

      I would agree to this, except for the fact that there are so many advertisers who use obnoxious flash ads that distract and dance on the screen. These monstrosities don't make any attempt to build reputation.

      Also, the other day I saw an "Amazon" ad for a cordless drill (a product that I'm in the market for). They were advertising a sale for a product that I actually wanted and it came up either by luck or because they used cookies to figure me out. Either way... no click because they used an hidden/embedded flash link and so there is zero trust from me that the ad was actually going to take me to Amazon.

      I think the whole industry is fucked, and while I admit it's wishful thinking to hope that advertising goes away... I know that they'll be around for a long, long time.

    4. Re:Yay Click Fraud by Anonymous Coward · · Score: 2, Interesting

      Speaking as someone who's currently consulting for a company building analytics tools for several of the biggest ad servers, I am (very) sorry to say that these ads *do* generate sales, a depressingly large amount in fact.

  2. Are clicks still being sold? by Errol+backfiring · · Score: 2, Insightful

    Are clicks still being sold? It is not interesting how many visits you get, but how many items are bought. So companies don't want visitors, they want customers. The salesmen I encountered were never interested in clicks, but were interested in "ad provision".

    --
    Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
    1. Re:Are clicks still being sold? by bjourne · · Score: 3, Informative

      Tracking users via cookies. When a user clicks an ad, it sets a cookie in that users browser. Then when that users makes a purchase/signs up, it can be shown that there is a direct link between the ad and the sale so the advertiser gets payed. That is how most serious ad networks operate these days.

      --
      Football Odds
    2. Re:Are clicks still being sold? by cbiltcliffe · · Score: 4, Insightful

      So then people like me, who deny all cookies from advertising networks, are then committing click-fraud by not allowing the ad to be traced?

      It doesn't matter how you do it; if it's on the Internet, there will be an edge case of some type that doesn't fit, and breaks your model. Whether it's criminal click-fraudsters, paranoid anti-cookie loons, or some guy who's surfing on their friend's computer. They click an ad, their friend makes a purchase a week later, and the advertiser gets paid for......what, exactly?

      --
      "City hall" in German is "Rathaus" Kinda explains a few things......
  3. What on earth are marketers thinking? by Anonymous Coward · · Score: 2, Insightful

    It's almost like saying in New York, "We hand out these stickers with the free-phone number of our store to you, and we will pay $1 for every call the number gets". There's a grillion ways you can achieve a lot of calls to a number. If I was a CEO, I would question the budget line for "click-financing" a lot.

    captcha: vibrator

  4. Good! These actions improve awareness & securi by mrnick · · Score: 2, Insightful

    This is just one example of how easily protocols can be subverted on the Internet. I don't feel bad for the people that are unknowingly facilitating criminal activity on the Internet. They are not victims they are a big part of the problem. Just as ignorance of the law is no excuse for breaking it ignorance should not be an excuse for underestimating the dangers of participating as a user on a public, untrusted, network (uhhhmm the Internet).

    The way these black-hat crackers are subverting the system is nothing new. It boils down to a simple man in the middle attack. I wouldn't be surprised if the Google search engine results that the OP stated that he didn't know where they were originating from didn't originate from Google. Google is likely profiting from this interaction as well. If someone can get in front of you and your destination (likely they have put themselves between you and the rest of the Internet community) then they can assume the identity of any content that you receive. So, if it Root DNS Servers and certificate authorities so they can phish your private information or increase someone's click revenue, as described in the OP, the fact remains that the ignorant pawns in this overt act are partners in the conspiracy.

    If you are stupid enough to keep paying for clicks that don't land fruit then you deserve to loose your money. It's just bad business.

    The more that people are reminded that the Internet is a no man's land and paying your $50 a month doesn't provide you any protection from the nefarious subculture that exists in every aspect of human interaction (including the Internet) the better. Hopefully pawns will wake up and realize that they need to take responsibility for their security and that of others (if you are a upstanding individual). Plus security is a reactive function. If nobody had ever started sniffing packets in efforts to steal private information we likely wouldn't have encrypted certificate signed HTTP today. This kind of activity will lead to further security enhancements though I don't think society should ever let their guard down because regardless of how tight security gets there will always be someone out there that can subvert it. The war is over, but the battle never ends.

    Yeah...

    Nick Powers

    --

    Encryption: I may not agree with what you say, but I will defend your right to encrypt it...
  5. I've run across this.... by cbiltcliffe · · Score: 2, Informative

    I've run across this beast before. Being Canadian, and used to all this crap being hosted in Russia, China, and various other places like that, imagine my surprise when I found the hosts file redirected all Google searches to a webhost in Ottawa.

    However, it might be somewhat easy to detect. When you try to log in to Google, Youtube, or any other Google service, the browser throws a security warning, because the secure Google login website is using a self-signed certificate.
    Although this may only apply after the active component of this malware is removed....I'm not sure. Didn't try to log in to Google before removal to try, because I didn't realize what I was dealing with a the time....

    --
    "City hall" in German is "Rathaus" Kinda explains a few things......
  6. Comment removed by account_deleted · · Score: 2, Interesting

    Comment removed based on user account deletion