Marshal8e6 - Ya!Bucks Spread Malware, Spam Bots and Executable Files
Gavin Neale, an online security expert at "Marshal8e6" has claimed that Ya!Bucks is involved in the spreading a wide range of malware, as reported by SCMAGAZINE on September 1, 2009.
Neale explains that after taking membership of Ya!Bucks, anyone can access an executable file which he can proliferate to victims' PC using his own personal methods. Ya!Bucks member gets the money if a computer user bought the software which was illegally installed on his system.
Such kinds of affiliate software are responsible for the rising number of malicious web pages. These pages are deliberately created to host affiliate programs so that they could be installed on system easily, said Neale.
In addition, Ya!Bucks members have the authority to use available landing pages, which are separately given for the redirection of traffic from their web pages. They can redirect the traffic by using their own tactics. This tactic is quite often seen in SEO plans wherein special web pages are created for search engine results to draw the targeted audience. From these SEO web pages, the audience is redirected to pages hosting affiliate programs. In the case of Ya!Bucks, affiliate programs are typically presented as antivirus applications and trick users to install them freely.
Hence, Marshal8e6 TRACElabs had planned a sting operation with an objective of reaching the roots of the website. The Lab took the membership of the website and began to receive e-mails regarding new undetectable executable files.
In other words, YaBucks! updates its members about the particular names of files which they could use for spreading malware. Moreover, these files could not be detected by antivirus software. Although a couple of antivirus applications succeeded in identifying the malicious files in the beginning, some days later majority of programs had added them on their signature database.
As per "Marshal8e6 Labs" test, the executable installed a large range of malware such as Pushdo and Rustock spam botnets and 'Protection System' an antivirus software. All these threats lead to the slowdown of the system to a speed which makes its almost unusable and popped up a number of window messages.
Finally, the test conducted by the security company proved successful.
Related article: Marshal Identifies Six Botnets Spamming 85% of World Spam
» SPAMfighter News - 18-09-2009