Slashdot Mirror


Click-Fraud Trojan Politely Updates Flash On Compromised Computers

jfruh writes: Kovter is in many ways a typical clickfraud trojan: it hijacks the user's browser process to create false clicks on banner ads, defrauding advertisers and ad networks. But one aspect of it is unusual: it updates the victim's installation of Flash to the most recent version, ensuring that similar malware can't get in.

  1. Re:Cowbird defense by gstoddart · · Score: 4, Interesting

    Bah, tinfoil hat defense ... uninstall Flash on the premise it's full of security holes and is a waste of time.

    It always has been.

    I don't trust most sites to set cookies or run Javascript ... run Flash?

    No fucking way.

    --
    Lost at C:>. Found at C.
  2. Net positive? by Krishnoid · · Score: 4, Interesting

    Not just "similar" malware, but anything that has a patched-to-date Flash infection vector. It might actually slow the spread of malware, while decreasing its own ability to spread, at least by that mechanism. And finally, when it's found and purged, the infected systems are somewhat more secure.

    Not saying this is a good idea, but it seems that if it spread enough, it could decrease infectable targets in the short-term, maybe drastically?

    1. Re:Net positive? by Anonymous Coward · · Score: 2, Interesting

      There used to be a virus that patched broken IIS servers back in the 90s and early 2000. One more for the road?

  3. Mixed Feelings by Anonymous Coward · · Score: 3, Interesting

    I'm not sure how to feel about this. On the one hand, yes, trojans are bad. But on the other hand, anything that negatively impacts advertisers can't be all that bad.

    1. Re:Mixed Feelings by Anonymous Coward · · Score: 2, Interesting

      "Let's kill all advertising ..."
      I have no problem with this. If it means going back to pre-1995 Internet content, but with the modern tech that we have now, I have no problem with that either.
      It's really irritating that the Ad Men think that the World revolves around them, and their various deceitful schemes. It doesn't.
      I bought my first house, my first yacht, and my first Ferrari, all without the distraction of Internet advertising. The same goes for my first computer, my first test equipment, and my first girlfriend.
      Yes, I did buy a Powerbook G4 off of the Apple website once, but I already knew all about it - we used a _lot_ of them at work, and I got a discount.

      "Wouldn't it be great, not to know about anything people are trying to create for you?"
      Yes, it would. If it's any good, I'll find out about it eventually. I'm a Divvy.
      I don't give a damn about something stupid that "...people are trying to create..." for me. I don't care to spend the time researching _anything_ that is "Market Driven".

    2. Re:Mixed Feelings by Anonymous Coward · · Score: 2, Interesting

      I bought my first house, my first yacht, and my first Ferrari, all without the distraction of Internet advertising. The same goes for my first computer, my first test equipment, and my first girlfriend.

      Your first girlfriend's low cut blouse was an advertisement.

      The problem with ads online isn't the fact that they exist vs. not existing. It is the pervasiveness, literal bombardment and danger of them.

      An analogy would be a girl wearing a low cut blouse - this says "hey, look at me - I'm on the market." That (non intrusive, 'just there but not engineered specifically to generate unconscious clicks') is fine.

      This is far different than millions of women (ads), statistically likely to fuck you over, shoving their uncovered boobs in your face like it or not saying "fuck me - I want you.", legally justified in saying that because you walked into the bar where said exposed boobs are present and that it was you that made the first and forceable move (by visiting a given site) then making the argument that you raped them (clicked on) when you have a problem you ended up with an STD (virus/trojan/other).

      Women are used only as an analogy to continue the OP's point.

      I think there is a point where TOS and user responsibility isn't valid when it contradicts the very instinctual human behavior being counted on by the website (ie - 'bar' or other 'social establishment'). Especially when the average user is like a naive virgin that does want to get laid but is being taken advantage of because they don't understand the cost/benefit ratio.

      Bottom line: internet advertising needs to clean up its own shop. If it is to be trusted, THEY need to POLICE their own. If they don't, then they are harming themselves. They have no responsibility of course but it is in their own best interest to help weed out bad actors. If they don't then all actors are assumed to be suspect.

  4. JailBreakMe.com by tlambert · · Score: 4, Interesting

    JailBreakMe.com did a similar thing on iPhones: patched the tiff library exploit that it used to get on the phones in the first place, making it impossible to re-exploit.

    I did the same thing with the Commodore Amiga in 1985, modifying a boot virus to include a payload that would patch the MOVE from processor SR. This let me install a 68010, which let me run SVR3 on the thing, without breaking a lot of popular software like Magic Sack and Transformer, both of which used the privileged version of the instruction for no good reason.