Chameleon Botnet, Generator of Click Frauds, Steals $6m

According to experts from security research and traffic-examining company Spider.io, one new botnet known as Chameleon is actively pilfering over $6m every month via generation of bogus user-clicks on advertisement websites.

It's understood that the bot-network contaminated over 120,000 PCs running Windows OS, in USA, through pretence of browsing specific websites like a human-user so ad images counting to billions could be generated that led to huge illicit revenue to its controllers.

Researchers explain that 'click fraud' leads to forgone income to Web-advertisers because they're required to pay whenever an unlawful click occurs. According to Spider.io, advertisers made a 69 cents mean payment for every thousand ad images that Chameleon generated. The company computed that the botnet displayed over 66% of the total 14b ad images that 202 affected sites (mostly in USA) produced.

The researchers also state that each of the Web-browsers the bot intercepted claimed they were Internet Explorer 9.0 active in computers having Windows 7. To gain admission into the Web, Chameleon uses one Trident-based browser which's Flash-enabled and runs JavaScript.

It's amazing how the active bot-infected computers display numerous websites inside their browsers and to an extent that crashes the latter followed with restarts. Moreover, every one of the bots mimics many simultaneous Web-visitors, although they're altogether aggregate visitors accessing websites via the identical system. During browser-collapses owing to the bots, the simultaneous visiting sessions too close. Then on restart, a cookie request gets generated. This activity was important in helping the researchers detect the bogus botnet-traffic.

Indeed, it was really industry experts who recognized the websites that got the fraudulent bot generated traffic. Accordingly, it was ladyshopspot.com the website of Alphabird from San Francisco as one recipient. Alphabird's websites sell ad spaces via exchanges done indirectly.

The organization claimed it was victimized with the scam, observing it paid to get other websites' advertising spaces while remained unwary of receiving the malicious traffic.

DataXu's (vendor for digital advertising methods) Vice-President Christian Carrillo stated that it could be difficult for indicting the fraudsters even though the bot-controllers became identifiable, owing to the Internet-ad production's trading terms. Ft.com published this dated March 19, 2013.

ยป SPAMfighter News - 23-03-2013

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next