Malware for Click-Fraud Experiences Huge Increase Recently, Reports Microsoft

Microsoft has just released its SIR (Security Intelligence Report) according to which, malicious software that helps cyber-criminals churn money through click fraud, diversion of search results, and mining of crypto-currencies like Bitcoin has been increasing immensely during the recent months, published Help Net Security dated May 14, 2014.

The kind of malicious software seems a favorite for cyber-criminals, since it usually resides on infected PCs which victims fail to detect, while earns the crooks good money easily and constantly. With such malware, the miscreants are saved from selling filched databases on secret, illegitimate websites, alternatively being in danger of getting caught when making direct extortions by installing on victims' PCs, ransomware.

And while the described sort of malware found also as long-lasting ones has been plentiful with proven hardiness and existence since years, fresh samples keep emerging throughout.

One is the Miuref, malicious software which compromises search results and Web-browsers. This malware was first spotted during December 2013 as it proliferated via spam mails, dropper Trojans, and socially-engineered tactics attempting at persuading potential victims to execute a malicious installer.

Moreover, Microsoft's study notes how Miuref has many roles. The malware communicates with its CnC server while supplies it details regarding the machine it compromises. Further, in the presence of Firefox or Chrome, it creates the browsers' extensions such as Trojan:JS/Miuref.A and Trojan:JS/Miuref.B respectively as Microsoft has identified. These extensions then divert Web-searches onto the attacker manipulated pages.

But in the case of Internet Explorer, to do any diversion, code is inserted inside the IE browser's process while contact with certain remote server enables in getting the URLs needed for the diversions. Miuref even carries out click fraud via the execution of more unseen processes of IE as well as dispatches clicks to ads, which seem as arriving from the attacker manipulated web-pages.

The malware further features ways for updating itself alternatively pulling down as also executing more malware.

Since Miuref commonly spreads through spam, Internet-users require exercising safe e-mail practices, like erasing suspicious e-mails got, devoid of clicking on them, while also not follow or view any dubious web-links/attachments, Microsoft concludes.

» SPAMfighter News - 5/20/2014