Clickbot – new bot tactic…



There is a new twist on the bot networks that have been the plague of computing in recent years. This one is called ClickBot. The story is from Incidents.org Many sites, (like this one) use adsense to “monetize their content”. The idea is that advertisers bid on “clicks”. So, if I wanted to advertise on the keywords “asheville computer repair” I might bid 5 cents for every click on one of my ads. The problem is many content owners are less than scrupulous.


Many, think… ok if I’m paid per click – I could click on my own ads, or encourage others to click on them (or tell others…) That’s against the terms of use and it should be easy to catch. Hm…. you always get clicks from IP address…….. which happens to be where you log into your adsense control panel from hm….. But, the bot writers are getting clever and this clickbot essentially uses zombie pcs to “click” on the ads, giving the bot network owner money and ripping out off of the advertisors. Yet another way to try and swindle people out of a lot of money by doing it a little at a time….

(Wasn’t that some plot line in one of the Superman movies from the 80′s – with Richard Pryor as a computer programmer, getting maybe the fraction of a cent interest from all the banks accounts transfered to his each month….) Anyway – random thought through the brain.

Here’s sans summary of the bot….

With pay per click programs such as Google Adsense, there is another way to earn money from advertisers by building a scam where the money flows like this:

The advertisers pay Google for clicks in the hope to sell something.

Google has a bunch of publishers that own a website and run banners for them. Google pays (a high percentage) of the revenue to the publisher.

Some of these publishers aren’t honest, but Google (tries to) detects fraudulous clicks and suspends them, so they need to hide the additional clicks better.

Somebody with a botnet generates the clicks from a few hundred machines and makes sure they look as innocent as possible. Keeps it a low profile while at it. Of course the botnet owner will want a share from the publisher.

Bottom line is that the advertiser pays in exchange for a bot visiting him.

It seems some bot operator left a website with both the bot’s *.exe and the web based control panels wide open. An anonymous source sent us the URL.

While some of the *.exe’s were detected pretty well, this one stood out [Virustotal results]:
AntiVir 6.34.1.27/20060514 found [TR/Drop.Small.ann.1]
Avast 4.6.695.0/20060512 found nothing
AVG 386/20060512 found nothing
BitDefender 7.2/20060514 found nothing
CAT-QuickHeal 8.00/20060512 found [(Suspicious) - DNAScan]
ClamAV devel-20060426/20060512 found nothing
DrWeb 4.33/20060514 found [Adware.IEHelper]
eTrust-InoculateIT 23.72.7/20060512 found nothing
eTrust-Vet 12.4.2207/20060512 found nothing
Ewido 3.5/20060513 found [Hijacker.BHO.d]
Fortinet 2.76.0.0/20060514 found [suspicious]
F-Prot 3.16c/20060512 found nothing
Ikarus 0.2.65.0/20060512 found nothing
Kaspersky 4.0.2.24/20060514 found [Trojan-Dropper.Win32.Small.ann]
McAfee 4761/20060512 found nothing
Microsoft 1.1372/20060513 found nothing
NOD32v2 1.1536/20060513 found nothing
Norman 5.90.17/20060512 found nothing
Panda 9.0.0.4/20060513 found [Suspicious file]
Sophos 4.05.0/20060513 found nothing
Symantec 8.0/20060514 found nothing
TheHacker 5.9.7.142/20060512 found nothing
UNA 1.83/20060512 found nothing
VBA32 3.11.0/20060513 found nothing
It is interesting to note that the botnet was 115 bots in size at the early time of the day I was looking at it and most were under 15 clicks each.

It’s been reported to Google in order to make sure nobody gets paid.

Related Posts

Blog Traffic Exchange Related Posts
  • Secrets of Making money online - bux.to I know, you've seen the ads - make $6000 a week in your spare time!! Make money doing the things you do ANYWAY, like reading email, browsing the web. The last week or so as things have been slow (and technically I was still "on vacation" until the 3rd of......
  • Epson Perfection 1650 scanner and Windows XP Limited User account "We tried scanning and all that happened was the lamp moved back and forth.... Nothing else happened." That was the description I had and the request to see why the scanner was broken. It hadn't been long since the Epson scanner had been hooked up to a new XP Pro......
  • VMWare's free VMPlayer One of the other things I had hoped to do this weekend was play around with the new VMWare player. VMware is a company that makes virtual machine software, the entry level pricing usually starting at $199 and going up from there. They've recently released a "Player" that can run......
Blog Traffic Exchange Related Websites
  • Great Internet Marketing Techniques For Your Business Internet marketing is a wonderful way to earn online cash. In this article we will discuss a few strategies that will help you understand it more. Whether or not you intend to target a specific niche market such as internet business opportunities or any other niche, it's essential that you......
  • How To Improve Your Blog Adsense Earnings If a blogger wants to monetize a blog, then adsense would be their first choice. There are bloggers who still struggle to make enough money from their adsense blog. However, there also bloggers who make thousand of dollars every month, just from adsense. What makes these bloggers different from the......
  • Get Important Advice About How to make money from a website There are many ways you can generate income from a website or a blog. I have listed below the ways and below that is a explanation of how you can earn money from your website. 1.Affiliate Marketing2.Online Marketing3.Referrer Programs4.Renting Ad Space1.Affiliate MarketingThis type of generating income is the most popular......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site