Acum cateva saptamani cei de la Symantec au spus ca malware-ul Flashback ar fi generat nu mai putin de 10.000$ pe zi pentru hackerii care l-au dezvoltat. Totul avea legatura cu sistemele de publicitate online, malware-ul fortand calculatoarele victimelor sa dea click pe bannerele publicitare ale website-urilor accesate. Ei bine, dupa cateva saptamani de verificari si analiza, cei de la Symantec au ajuns la concluzia ca doar 14.000$ au fost produsi de malware-ul Flashback in 3 saptamani de utilizare in Mac-uri.
From our analysis we have seen that, for a three-week period starting in April, the botnet displayed over 10 million ads on compromised computers but only a small percentage of users who were shown ads actually clicked them, with close to 400,000 ads being clicked. These numbers earned the attackers $14,000 in these three weeks, although it is worth mentioning that earning the money is only one part of the puzzle—actually collecting that money is another, often more difficult, job. Many PPC providers employ anti-fraud measures and affiliate-verification processes before paying. Fortunately, the attackers in this instance appear to have been unable to complete the necessary steps to be paid.
It is estimated the actual ad-clicking component of Flashback was only installed on about 10,000 of the more than 600,000 infected machines. In other words, utilizing less than 2% of the entire botnet the attackers were able to generate $14,000 in three weeks, meaning that if the attackers were able to use the entire botnet, they could potentially have earned millions of dollars a year.
Se pare ca versiunea care dadea click pe bannerele publicitare ar fi fost prezenta in numai 10.000 de Mac-uri si aceste au generat 14.000$ in trei saptamani de zile, insa hackerii nu ar fi reusit sa colecteze banii de la advertiseri. Intreaga poveste din spatele Flashback-ului a fost exagerata pentru ca in final problema a avut legatura cu utilizatorii care nu isi actualizeaza software-ul si lucruri de genul acesta se intampla pe orice platforma. Vulnerabilitatea folosita nu era din OS X, ci dintr-un software tert, iar firmele de securitate au incercat sa prezinte totul intr-o lumina proasta pentru a convinge lumea ca OS X-ul are nevoie de software antivirus.
This post was last modified on mai 17, 2012, 9:28 AM 09:28