< HoneyPoint Security Server | Hack In The Box 2006 Honeypot Summary >

CWSandbox vs. Click-Fraud Trojans

Business Week had an interesting story about click fraud recently (also at /.). This seems to be a really lucrative business and there is of course also malware that helps the attacker to automatically generate clicks on websites.
One example of such a piece of malware is Trojan.Clicker (named by F-Secure), which currently also dominates the monthly world map of malware infections. The operation mode of this Trojan is rather simple: after the initial infect (e.g., download via bots), it remains resident in memory and periodically opens certain web pages with the help of Internet Explorer, thus generating clicks on that web page. Hence, the attacker automatically generates revenue from his compromised machines...
A more detailed analysis of a particular Trojan.Clicker variant is available as CWSandbox report.
This entry was posted by Thorsten Holz on Sunday, September 24. 2006 at 06:02. and is filed under malware. You can leave a response, or trackback from your own blog. All new comments are subject to moderation before being displayed.

Trackbacks

Trackback specific URI for this entry

    No Trackbacks

Comments

Display comments as (Linear | Threaded)

    No comments


Add Comment


Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA
 
Submitted comments will be subject to moderation before being displayed.