Malware Installation Now a Commercial Practice
Kevin Stevens, Security Analyst at Atlanta-based 'SecureWorks,' said that some websites such as "Earnings4U" were offering people money for installing malicious files on others' computers, as reported by Technology Review on February 2, 2010.
Stevens further said that the above practice was known as "pay per install." He described it during a lecture delivered at the Black Hat DC Computer Security Conference on February 2, 2010 in Washington, DC.
According to Stevens, during his study of the practice, he found that several companies were connected with the pay-per-install scheme. To elude security surveillance, these companies change their names from time-to-time.
Stevens also came across online forums where visitors exchanged suggestions for money-making process. In addition, they shared various sophisticated tools with which malware could be installed easily. This business appears nearly genuine and legitimate, said Stevens.
When visitors become members of the websites to obtain the affiliate software, they frequently download a 'cocktail of malicious programs,' which are subsequently distributed as much as possible. A popular method for this distribution has been to add the malicious program to a video file, which is then presented for download from a P2P file-sharing website. Another propagation method is to place the malicious program on a website and then through 'Search Engine Optimization' tactics draw visitors towards it.
The affiliate software, Stevens highlighted, could use a number of different programs. For instance - "Crypters" were programs, which disguised malicious software to effectively elude antivirus applications.
Besides, Stevens discovered websites that offered rates like $6/1,000 installs on computers located in the Asian countries, up to $180/1,000 installs on computers in the USA. However, the websites did not cater to installation on Russian PCs. Consequently, Stevens and others suspect that these websites may be hosted in Russia, as reported by Reuters on February 2, 2010.
According to Stevens, although the exact number of PCs infected on account of these websites is impossible to estimate, he assumes it could be in millions. Further, Steven estimates that a few among the bigger firms offering pay-per-install software have actually helped in installing 2.8 Million malware pieces every month.
Related article: Malware Authors Turn More Insidious
» SPAMfighter News - 09-02-2010