The Clickbot.A Trojan installed on 34,000 vulnerable PCs has been exploiting pay-per-click advertising programs, and the amount of money stolen this way could make the legendary robberies of the past pale in comparison.
Forget about “The Italian Job”. The Clickbot.A Trojan’s potential haul makes that look like, well, a movie. Antivirus firm Panda Software reports that the Trojan is on 34,000 PCs located in various parts of the world.
The bots receive instructions from several web servers, according to Panda’s advisory:
This allows the perpetrators to define, for example, the web pages on which the adverts are hosted or the maximum number of clicks from any one IP address in order not to arouse suspicions. Similarly, the number of clicks from the bot can be monitored as well as the computers online at any one time. The system used can evade fraud detection systems by sending click requests from different, unrelated IP addresses.
Panda did not name the company whose advertisements are being targeted by the Clickbot.A network. The Trojan activates on infected machines whenever a user launches Internet Explorer.
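Why a per-IP click cap misses the pattern Panda describes, shown as an added example that is not from Panda's advisory or any ad network's code. The log, the thresholds and the per-publisher outlier rule are all constructed assumptions for illustration.

```python
from collections import Counter, defaultdict
from statistics import median

PER_IP_CAP = 5      # assumed daily per-IP threshold of a naive filter
OUTLIER_FACTOR = 4  # assumed: flag pages with > 4x the median click volume

def build_sample_log():
    """Constructed one-day click log of (source_ip, publisher_page) pairs."""
    log = []
    # Ordinary traffic: 5 publisher pages, 20 visitors each, one click apiece.
    for p in range(5):
        for v in range(20):
            log.append((f"192.0.2.{p * 20 + v}", f"pub{p}.example"))
    # Distributed traffic: 60 unrelated IPs, 3 clicks each, all on one page.
    for b in range(60):
        log.extend([(f"203.0.113.{b}", "pub9.example")] * 3)
    return log

def per_ip_alerts(log, cap=PER_IP_CAP):
    """Naive rule: flag any single IP that exceeds the daily cap."""
    counts = Counter(ip for ip, _ in log)
    return sorted(ip for ip, n in counts.items() if n > cap)

def per_publisher_alerts(log, factor=OUTLIER_FACTOR):
    """Aggregate rule: flag pages whose volume is an outlier and whose
    clicks come mostly from IPs that click more than once."""
    by_pub = defaultdict(Counter)
    for ip, pub in log:
        by_pub[pub][ip] += 1
    totals = {pub: sum(ips.values()) for pub, ips in by_pub.items()}
    baseline = median(totals.values())
    alerts = {}
    for pub, ips in by_pub.items():
        repeat_share = sum(1 for n in ips.values() if n > 1) / len(ips)
        if totals[pub] > factor * baseline and repeat_share > 0.5:
            alerts[pub] = {"clicks": totals[pub], "ips": len(ips),
                           "repeat_share": repeat_share}
    return alerts

if __name__ == "__main__":
    sample = build_sample_log()
    print("per-IP alerts:", per_ip_alerts(sample))
    print("per-publisher alerts:", per_publisher_alerts(sample))
```

Every source IP stays under the cap, so the per-IP rule is silent, while grouping the same clicks by the page that earns from them exposes the concentration.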
The financial impact of the fraud scheme could be tremendous. Depending on the number of clicks and cost per click of each ad, the numbers may reach into the billions. Publishing 2.0 writer Scott Karp provided some possible figures in his post on the issue:
10 clicks/day X $1/click X 34,000 computers X 365 days = $124M annual fraud
100 clicks/day X $1/click X 34,000 computers X 365 days = $1.2B annual fraud
100 clicks/day X $5/click X 34,000 computers X 365 days = $6.2B annual fraud
For the first 3 months of 2006, Google reported $928 million in “network” ad revenue, on track for $4 billion in 2006. What if 5% of that is fraudulent? What if it’s 10% or 25% or 40%?
David Utter is a staff writer for murdok covering technology and business.