Malware Installation Now a Commercial Practice

Kevin Stevens, Security Analyst at Atlanta-based 'SecureWorks,' said that some websites such as "Earnings4U" were offering people money for installing malicious files on others' computers, as reported by Technology Review on February 2, 2010.

Stevens further said that the above practice was known as "pay per install." He described it during a lecture delivered at the Black Hat DC Computer Security Conference on February 2, 2010 in Washington, DC.

According to Stevens, during his study of the practice, he found that several companies were connected with the pay-per-install scheme. To elude security surveillance, these companies change their names from time-to-time.

Stevens also came across online forums where visitors exchanged suggestions for money-making process. In addition, they shared various sophisticated tools with which malware could be installed easily. This business appears nearly genuine and legitimate, said Stevens.

When visitors become members of the websites to obtain the affiliate software, they frequently download a 'cocktail of malicious programs,' which are subsequently distributed as much as possible. A popular method for this distribution has been to add the malicious program to a video file, which is then presented for download from a P2P file-sharing website. Another propagation method is to place the malicious program on a website and then through 'Search Engine Optimization' tactics draw visitors towards it.

The affiliate software, Stevens highlighted, could use a number of different programs. For instance - "Crypters" were programs, which disguised malicious software to effectively elude antivirus applications.

Besides, Stevens discovered websites that offered rates like $6/1,000 installs on computers located in the Asian countries, up to $180/1,000 installs on computers in the USA. However, the websites did not cater to installation on Russian PCs. Consequently, Stevens and others suspect that these websites may be hosted in Russia, as reported by Reuters on February 2, 2010.

According to Stevens, although the exact number of PCs infected on account of these websites is impossible to estimate, he assumes it could be in millions. Further, Steven estimates that a few among the bigger firms offering pay-per-install software have actually helped in installing 2.8 Million malware pieces every month.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 09-02-2010

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial