Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 


Symantec and Microsoft Tackle Click Fraud Botnet

Symantec and Microsoft Tackle Click Fraud Botnet

Symantec and Microsoft have joined forces to successfully tackle the Bamital botnet, which helped cyber gangs steal more than US$1.1 million annually.

Symantec has been tracking this botnet since late 2009 and recently partnered with Microsoft to identify and shut down all known components vital to the botnet's operation.

Bamital is a malware family whose primary purpose is to hijack search engine results, redirecting clicks to an attacker controlled command-and-control (C&C) server. The C&C server redirects the results to websites of the attackers' choosing.

Bamital also has the ability to click on advertisements without user interaction. This results in poor user experience when using search engines along with an increased risk of further malware infections.

The malware’s origin can be tracked back to late 2009 and has evolved through multiple variations over the past couple of years. Bamital has primarily propagated through drive-by-downloads and maliciously modified files in peer-to-peer (P2P) networks.

From analysis of a single Bamital C&C server over a six-week period in 2011 we were able to identify more than 1.8 million unique IP addresses communicating with the server, and an average of three million clicks being hijacked on a daily basis.

Recent information from the botnet shows the number of requests reaching the C&C server to be well over one million per day.

Clickfraud, the name used for the type of fraud committed by Bamital, is the process of a human or automated script emulating online user behaviour and clicking on online advertisements for monetary gain.

Bamital redirected end users to ads and content which they did not intend to visit. It also generated non-human initiated traffic on ads and websites with the intention of getting paid by ad networks.

Bamital was also responsible for redirecting users to websites peddling malware under the guise of legitimate software. The following video illustrates how Bamital exploits the online advertising model: http://www.symantec.com/tv/allvideos/details.jsp?vid=2142222223001&subcategory=security_response&pid=1

Bamital is just one of many botnets that utilise clickfraud for monetary gain and to foster other cybercrime activities. Many of the attackers behind these schemes feel they are low risk as many users are unaware that their computers are being used for these activities.

This takedown sends a message to those attackers that these clickfraud operations are being monitored and can be taken offline.

For further details on Bamital's activities you can download a copy of our whitepaper.

Details on recovering from a Bamital infection are available here: http://www.norton.com/bamital. Users of up-to-date Symantec security products are protected against Bamital and its variants.

Symantec Security Response would like to acknowledge Spain's Civil Guardia, Catalunyan CERT (CESICAT), and Microsoft for assisting us in understanding and ultimately bringing this botnet to its demise.

ends

© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

Scoop Business: Dairy Product Prices Decline To Lowest Since July 2012

Dairy product prices dropped to the lowest level since July 2012 in the latest GlobalDairyTrade auction, led by a slump in rennet casein and butter milk powder. More>>

ALSO:

SOE Results: TVNZ Lifts Annual Profit 25% On Flat Ad Revenue, Quits Igloo

Television New Zealand, the state-owned broadcaster, lifted annual profit 25 percent, ahead of forecast and despite a dip in advertising revenue, while quitting its stake in the pay-TV Igloo joint venture with Sky Network Television. More>>

ALSO:

Insurers Up For More Payouts: Chch Property Investor Wins Policy Appeal In Supreme Court

Ridgecrest NZ, a property investor, has won an appeal in the Supreme Court over insurance cover provided by IAG New Zealand for a Christchurch building damaged in four successive earthquakes. More>>

ALSO:

Other Cases:

Royal Society: Review Finds Community Water Fluoridation Safe And Effective

A review of the scientific evidence for and against the efficacy and safety of fluoridation of public water supplies has found that the levels of fluoridation used in New Zealand create no health risks and provide protection against tooth decay. More>>

ALSO:

Scoop Business: Croxley Calls Time On NZ Production In Face Of Cheap Imports

Croxley Stationery, whose stationery brands include Olympic, Warwick and Collins, plans to cease manufacturing in New Zealand because it has struggled to compete with lower-cost imports in a market where the printed word is giving way to electronic communications. More>>

ALSO:

Prefu Roundup: Forecasts Revised, Surplus Intact

The National government heads into the election with its Budget surplus target broadly intact, delivering a set of economic and fiscal forecasts marginally revised from May to reflect weaker commodity prices and a lower tax take. More>>

ALSO:

Convention Centre: Major New SkyCity Hotel And Laneway For Auckland

Today SKYCITY Entertainment Group Limited revealed plans to build a new hotel and pedestrian laneway of bars, restaurants and boutique shopping on land it owns in the Nelson and Hobson Streets block, expanding the SKYCITY Entertainment Precinct. More>>

ALSO:

Get More From Scoop

 
 
Computer Power Plus

Standards New Zealand

Standards New Zealand
 
 
 
 
 
 
 
 
Business
Search Scoop  
 
 
Powered by Vodafone
NZ independent news