Russians Use Affiliate Model To Spread Spyware, Adware
Source: Security Pipeline - Posted by Pax Dickinson   
Hacks/Cracks An online business based in Russia will pay Web sites 6 cents for each machine they infect with adware and spyware, security researchers said Tuesday, calling the practice "awful."

iframeDOLLARS.biz, which according to a WHOIS lookup, is registered to a Nick Fedorov in Nizhny Novgorod, a Russian city on the Volga about 240 miles east of Moscow, will pay Webmasters to place a one-line exploit on their sites. The code exploits a number of patched Windows and Internet Explorer vulnerabilities, including some that go back as far as 2002. Systems that haven't been updated, however, would still be vulnerable to the exploit. According to analysis done by the SANS Institute's Internet Storm Center, the exploit drops at least nine pieces of malicious code, including backdoors, other Trojans, spyware, and adware, on any PC whose user surfs to a site hosting the exploit code.

iframeDOLLARS says it pays $61 per thousand unique installs, or 6.1 cents per compromised machine, to any site that signs up as an affiliate. The Russian firm boasts that its exploit works "without any ActiveX console or any pop-upsIt means that you will not lose your unique visitors." Nor, apparently, give away the fact that the code is dropping malware onto machines whenever a vulnerable user simply visits an affiliate site.

According to the Internet Storm Center, organizations can prevent the downloading of adware and spyware from iframesDOLLARS' servers by blocking the IP address 81.222.131.59.

Read this full article at Security Pipeline

Only registered users can write comments.
Please login or register.

Powered by AkoComment!