Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 


Symantec and Microsoft Tackle Click Fraud Botnet

Symantec and Microsoft Tackle Click Fraud Botnet

Symantec and Microsoft have joined forces to successfully tackle the Bamital botnet, which helped cyber gangs steal more than US$1.1 million annually.

Symantec has been tracking this botnet since late 2009 and recently partnered with Microsoft to identify and shut down all known components vital to the botnet's operation.

Bamital is a malware family whose primary purpose is to hijack search engine results, redirecting clicks to an attacker controlled command-and-control (C&C) server. The C&C server redirects the results to websites of the attackers' choosing.

Bamital also has the ability to click on advertisements without user interaction. This results in poor user experience when using search engines along with an increased risk of further malware infections.

The malware’s origin can be tracked back to late 2009 and has evolved through multiple variations over the past couple of years. Bamital has primarily propagated through drive-by-downloads and maliciously modified files in peer-to-peer (P2P) networks.

From analysis of a single Bamital C&C server over a six-week period in 2011 we were able to identify more than 1.8 million unique IP addresses communicating with the server, and an average of three million clicks being hijacked on a daily basis.

Recent information from the botnet shows the number of requests reaching the C&C server to be well over one million per day.

Clickfraud, the name used for the type of fraud committed by Bamital, is the process of a human or automated script emulating online user behaviour and clicking on online advertisements for monetary gain.

Bamital redirected end users to ads and content which they did not intend to visit. It also generated non-human initiated traffic on ads and websites with the intention of getting paid by ad networks.

Bamital was also responsible for redirecting users to websites peddling malware under the guise of legitimate software. The following video illustrates how Bamital exploits the online advertising model: http://www.symantec.com/tv/allvideos/details.jsp?vid=2142222223001&subcategory=security_response&pid=1

Bamital is just one of many botnets that utilise clickfraud for monetary gain and to foster other cybercrime activities. Many of the attackers behind these schemes feel they are low risk as many users are unaware that their computers are being used for these activities.

This takedown sends a message to those attackers that these clickfraud operations are being monitored and can be taken offline.

For further details on Bamital's activities you can download a copy of our whitepaper.

Details on recovering from a Bamital infection are available here: http://www.norton.com/bamital. Users of up-to-date Symantec security products are protected against Bamital and its variants.

Symantec Security Response would like to acknowledge Spain's Civil Guardia, Catalunyan CERT (CESICAT), and Microsoft for assisting us in understanding and ultimately bringing this botnet to its demise.

ends

© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

Keep Digging: Seabed Ironsands Miner TransTasman Tries Again

The first company to attempt to gain a resource consent to mine ironsands from the ocean floor in New Zealand's Exclusive Economic Zone has lodged a new application containing fresh scientific and other evidence it hopes will persuade regulators after their initial application was turned down in 2014. More>>

Wool Pulled: Duvets Sold As ‘Premium Alpaca’ Mostly Sheep’s Wool

Rotorua business Budge Collection Limited (Budge) and sole director, Sun Dong Kim, were convicted and fined a total of $71,250 in Auckland District Court after each pleading guilty to four charges of misrepresenting how much alpaca fibre was in their duvets. More>>

Reserve Bank: Labour Calls For Monetary Policy To Expand Goals

Labour's comments follow a speech today by RBNZ governor Graeme Wheeler in which Wheeler sought to answer critics who variously say he should stop lowering interest rates, lower them faster, or that inflation-targeting should no longer be the primary goal of the central bank's activities. More>>

ALSO:

BSA Extension And Sunday Morning Ads: Digital Convergence Bill Captures Online Content

Broadcasting Minister Amy Adams has today announced the Government’s plans to update the Broadcasting Act to better reflect today’s converged market... The Government considered four areas as part of its review into content regulation: classification requirements, advertising restrictions, election programming and contestable funding. More>>

ALSO:

March 2017: Commerce Commission Delays Decision On Fairfax-NZME

The Commerce Commission has delayed its decision on the proposed merger between NZME and Fairfax Media's New Zealand assets, saying the deal is complex and it needs more time to assess the impact on both news content and the advertising market. More>>

ALSO:

Plan Plan: Permanent Independent Hearings Panel Proposed For Planning

The Productivity Commission recommends creating a permanent independent hearings panel like the one that cut through local politics to settle Auckland’s Unitary Plan, for the whole country. More>>

ALSO:

Statistics: NZ Jobless Rate Falls To 5.1% Under New Methodology

New Zealand's unemployment rate fell more than expected in the second quarter as Statistics New Zealand adopted a new way of measuring the labour market to bring the country in line with international practices, and while a growing economy continued to support jobs growth. More>>

ALSO:

Get More From Scoop

 
 
 
 
 
 
 
 
 
Business
Search Scoop  
 
 
Powered by Vodafone
NZ independent news