Security Researcher Finds Fresh Crimeware, Pay-per-Install
Brian Krebs an independent security researcher reports of pay-per-install (PPI), one fresh kind of crimeware that he lately encountered wherein criminal gangs allot monetary commissions to 3rd-parties if they can achieve a malware infection. Infosecurity.com reported this on June 10, 2011.
Interestingly, it appears that the technique applied in PPI likens that of pay-per-click advertising with the exception that there's much harm from the PPI outcomes. However, cyber-criminals provide access to interested parties to the large numbers of contaminated computers at a price for executing spam operations and/or DDoS assaults.
Explains Krebs, renters advertise PPI services on crime websites, with customers offering malicious software such as a password-capturing PC Trojan, a rogueware, or a spambot for the PPI utility.
Thereafter the utility sets a price between $7 and $180 for every 1,000 successful infections according to the targeted victims' geographical area, the researcher claims.
The intermediary party after this sets off to load his malware in different ways; however, Krebs says the payment made to him is solely on successful contaminations when the tracking is done with a malware detector contained in that malicious program itself.
Meanwhile, according to one study, researchers belonging to the Madrid Institute for Advanced Studies in Software Development Technologies and the University of California, Berkley depict hacking into 4 rival PPI services during August 2010 via the stealthy compromise of several associate accounts. The group reportedly developed a system that automatically and routinely pulled down the installers, which the various PPI utilities thrust, Krebs adds. Technologyreview.com published this on June 9, 2011.
Fascinatingly, an analysis by the researchers of over 1m installers that the PPI services provided showed that among the twenty different kinds of most-widespread malware programs worldwide, twelve utilized PPI utilities for purchasing infections.
Said Associate Professor Vern Paxson of computer sciences and electrical engineering at UC Berkeley, analyzing the study he didn't believe that PPI was the No.1 medium to cause malevolence in the wild. Rather it was botnets that were several million dollars worth annually, as they allowed miscreants to hire parties across the world for the spread of their malicious programs, reported Technologyreview.com.
Related article: Securities Push Up A Must For Web Companies
» SPAMfighter News - 20-06-2011