Slashdot Mirror

← Back to Stories (view on slashdot.org)

Flashback Click Fraud Campaign Was a Bust

Posted by Soulskill on from the peter-principle-for-black-hats dept.

zarmanto writes "It seems the Flashback botnet has netted their creators nothing but frustration. Flashback was tagged early on by anti-virus vendors, who promptly sink-holed many of the command & control addresses, and essentially crippled the hacker's ability to control the vast majority of the Flashback botnet... but that's not the best part. The Flashback spawned click fraud campaign resulted in... nada! It seems that their pay-per-click affiliate may be on to their scheme, as they refused to pay out. Score one for the good guys, for once."

29 comments

  1. Who clicks on ads? by tomhath · · Score: 1

    over 10 million ads on compromised computers but only a small percentage of users who were shown ads actually clicked them, with close to 400,000 ads being clicked

    That's a very high click-through rate. What was it that enticed so many morons to click on an advertisement? Nobody I know ever clicks on that kind of crap.

    1. Re:Who clicks on ads? by Anonymous Coward · · Score: -1

      Nobody I know ever clicks on that kind of crap.

      Nobody you know voted for Bush, either, right?

    2. Re:Who clicks on ads? by w.hamra1987 · · Score: 2

      oh you'll be surprised... don't be alarmed if one day you discover someone inside your own house is ad-clicking, or worse, can't tell the difference between a real button, and a flash-drawn ad button... and here i thought, my people would know better after all these years of obviously useless rants from my side....

      --
      my sig pwns your sig
    3. Re:Who clicks on ads? by Anonymous Coward · · Score: 0

      Nobody you know voted for Bush, either, right?

      More people *I* know voted for Bush than Obama, and they will probably vote for Romney this time. Your point?

    4. Re:Who clicks on ads? by tomhath · · Score: 3, Insightful

      Not likely. We use Firefox and Adblock, so pretty much anything that looks like an ad is suspect. Only fools click on them.

    5. Re:Who clicks on ads? by Zocalo · · Score: 1

      We're not talking about a typical cross-section of users here, remember? Apple might not have responded in a prompt manner with a fix, but the AV vendors etc. had detection routines in place very quickly indeed and yet they still got infected, so we can reasonably expect a higher than average proportion of users that are either not keeping up to date with security tools and their updates, or are not running any at all. If they don't grasp that concept, then why should they know that clicking on ads and links in emails can sometimes result in bad things happening?

      Apple's sudden popularity has put its head well and truly above the parapet, so it's only natural that the malware peddlers started to target it, and why not? It's going to be a while before AV tools become as ubiquitous on OSX as they are on Windows, and if Apple responds to the next vulnerability with a similarly huge window of opportunity then the potential payback cited in the article is huge; millions of dollars a year. It's not just Apple either; there's another suddenly popular OS in a similar situation. It's almost certainly just a matter of time before someone finds a similar exploit in Android, and while Google might be on the ball getting it patched, I'm not confident that get that patch downstream and out onto third party devices is going to happen quickly either given how tardy some vendors have been pushing their ICS updates out.

      --
      UNIX? They're not even circumcised! Savages!
    6. Re:Who clicks on ads? by tomhath · · Score: 2

      Oh, and Flashblock too, so your flash-drawn buttons are pretty obvious.

    7. Re:Who clicks on ads? by Anonymous Coward · · Score: -1

      That you don't know an idiot when you see one, even in a mirror.

    8. Re:Who clicks on ads? by Anonymous Coward · · Score: 0

      are you really not aware that THE WORLD IS FULL OF FOOLS

    9. Re:Who clicks on ads? by Anonymous Coward · · Score: 0

      Its an exploit. You dont have to click on anything. Just visiting a site will get your computer 0wned.

    10. Re:Who clicks on ads? by cas2000 · · Score: 0, Troll

      this shouldn't need explaining but...

      his point is that you'd have to be a complete fucking cretin to click on ads, just as you would have had to be a complete fucking cretin to have voted for Bush.

      not that voting for Bush's opponents in 2000 or 2004 would have been particularly appealing(*), but voting for the far greater of two evils is just fucking stupid...Bush will go down in history as the idiot puppet who destroyed what little was left of the american experiment.

      and as for the current crop of republican candidates - i honestly can't understand how *anyone* sane could even consider voting for ant of them, or why their very presence as serious candidates for the US Presidency isn't regarded as a cause for deep shame and embarrassment by Americans. they all seem like complete lunatics. terrifying lunatics.

      but then, i'm not an american and i think it's blindingly obvious that pretty nearly all of your politicians are either batshit insane or are the enthusiastic puppets of megacorps or both.

      (*) Gore wasn't too bad but if he had won, he would have found (just like Obama) has that he wouldn't be allowed by the corporate owners of America to actually do anything major. So he wouldn't have been able to do much good, but at least he wouldn't have done anything actively evil....he certainly wouldn't have jump-started the whole war on terror bullshit or the invasion of Iraq (best excuse: "he tried to kill my daddy") and dragged america (and the conga-line of suckholes in the "coalition of the willing") into the state of permanent war and the Orwellian nightmare that we're living in right now.

      And he wouldn't have let the banking scumbags and wall street thieves get away with the massive frauds they perpetrated over years that resulted in the economic crisis of 2007/2008.

      So yeah, you would have had to be a complete fucking cretin to vote for Bush. Or for any of the current crop who promise only more of the same but worse and with an even larger dose of fucked-up religious insanity and/or libertarian lunacy layered on top.

    11. Re:Who clicks on ads? by rtb61 · · Score: 1

      Fake buttons. So where can you generate lots of clicks, continually update the software to hide the source, hmm, flash based games.

      If you going to cheat you might as well cheat big time, without breaking the law. So insert adds into games, that have to be clicked, that open a new background or re-open it in an already open background window.

      So objective achieved lots of click throughs with the end user none the wiser or unhappy about making the clicks, as long as they want to play the game of course the person paying for those adds might not be too happy ;).

      --
      Chaos - everything, everywhere, everywhen
    12. Re:Who clicks on ads? by Anne+Thwacks · · Score: 2

      It should be obvious: The stupid vote for the stupid candidate, and in America, the stupid are very nearly the majority.

      --
      Sent from my ASR33 using ASCII
    13. Re:Who clicks on ads? by hairyfeet · · Score: 2

      Not everyone is net savvy you know. I have been teaching a neighbor who was computer illiterate and I've had to go through explaining as many of the tricks as i could off the top of my head but he STILL ended up with a bug trying to install itself because he used a local Wifi hotspot that required IE and thus blew my adblock and pop up blocking all to crap.

      Luckily i taught him to always listen to the AV and if the AV said no them dammit don't do it, so when the AV popped up and said "Don't run that!" he listened. but I can see how easily those like him could have been fooled because he took a picture of the screen and it looked pretty damned close to a Windows dialog box. While you or I would have known it was bullshit, someone like him who didn't know about such tricks? i could easily see why they get burned.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    14. Re:Who clicks on ads? by DeathElk · · Score: 1

      Modded troll, surprise surprise. One who speaks the truth is not a troll.

    15. Re:Who clicks on ads? by Anonymous Coward · · Score: 0

      Respect teh authority of teh majority!

      Unless the elections are rigged badly, the one with the most votes wins. Whether he/she speaks the truth or not.

    16. Re:Who clicks on ads? by Anonymous Coward · · Score: 1

      It's okay, these supposed brilliant tech people that call everyone fools probably wouldn't know the first thing about fixing their car engine..... They take it to the mechanic, who's probably the 'fool' that clicks on ads.

    17. Re:Who clicks on ads? by Anonymous Coward · · Score: 0

      other non-related bots and crawlers click on ads
      and they can be fooled just as much as a human

    18. Re:Who clicks on ads? by cas2000 · · Score: 1

      "rigged badly"? you mean like the vote in Florida in Nov 2000?

    19. Re:Who clicks on ads? by Anonymous Coward · · Score: 0

      Like hell we do.
      Unlike most lawyers/doctors/mechanics that I do work for, most good "IT people" are smart enough to realize that there is a minimum required knowledge before doing anything, and have the curiosity and intellect to actually locate the manual and even read it.

      Just because you can get something to run doesn't mean you're qualified to use it.

    20. Re:Who clicks on ads? by tlhIngan · · Score: 1

      It's okay, these supposed brilliant tech people that call everyone fools probably wouldn't know the first thing about fixing their car engine..... They take it to the mechanic, who's probably the 'fool' that clicks on ads.

      Exactly. People forget that computers and cars are basically required tools in modern society. You can get along never OWNING one, but it won't be long before you're required to USE one (even if it's not yours). Teaching them all the ins and outs of these required machines is a futile effort.

      I mean, think about it - if you're paying a mechanic $100/hr, do you really want him "recompiling the kernel" or "reinstalling Windows" on your dime? or "Advocating for the source code", again on your dime? (someone's gotta pay for it after all).

      Nevermind all the shady mechanics who insist you need a new frobber because you're the kind that looks like you can be scammed out of another thousand bucks or so. Heck, maybe some parallels can be drawn up - people constantly ask for help when dealing with mechanics to avoid situations like this, after all...

  2. Trial run. by Anonymous Coward · · Score: 0

    They patch up and roll out new and improved model....

  3. I disagree by Anonymous Coward · · Score: -1, Troll

    The modern Internet is fucking shit, and Slashdot is part if that. Pages block simple functions, previously taken for granted, such as the ability to freely scroll around or copy text. Fuck this, you cunts. JavaScript should be as dead as your sense of decency. And why is Slashdot such a bloated fucking mess?

    1. Re:I disagree by Anonymous Coward · · Score: 1

      Don't just sit there and bitch like a little girl, take back your control, install browser plugins that block/alter/add features to web pages.

      I've installed a few plugins to FF which does just that, aside from AdBlock+ the other most helpful plugin is Greasemonkey, I too am sick and tired of websites changing their layout for the worse when they think they're doing their visitors a favour.
      I don't profess to know how to write Greasemonkey scripts but I've managed to learn enough to copy'n'paste'n'modify existing scripts to make certain websites I visit regularly look better and less cluttered without the crap that doesn't interest me.

    2. Re:I disagree by Anonymous Coward · · Score: -1

      A real man just takes it up the ass without complaining. If you're a REAL AMERICAN.

  4. Good guys? by kiite · · Score: 1

    The only one who wins here is the ad affiliate.

    1. Re:Good guys? by BigSlowTarget · · Score: 1

      Yep, I'd bet on no refunds to the people who actually got clickfrauded.

    2. Re:Good guys? by Spamalope · · Score: 1

      Yep, I'd bet on no refunds to the people who actually got clickfrauded.

      Exactly. The other possibility is that the ad affiliate actually paid the botnet owner for the clickfraud to 'legitimize' extra charges to the advertisers.

  5. A Bust? Not Likely by MogNuts · · Score: 2

    Let's not forget who we're dealing with here. Apple makes their business duping people and manipulating people into thinking thing's are magical. The heavy-handed way they deal with press is well known.

    That said, all it takes is one "leaked" story or one bough-and-paid-for (or influenced) study or online news site to say that its a bust and poof! Malware makers will suddenly think it's not profitable to write malware for iOS/OS X.

    So don't buy it. Apple has had a history of malware, and a record amount of malware and vulnerabilities in it's user software (Quicktime, ITunes, Safari, etc.).

    Apple malware will rise. And their BS sandboxing method isn't gonna stop it.