Posts Tagged ‘click bots’
Thursday, January 3rd, 2008
In an article from Infoworld, it came to my attention that security firms are opening up honey pots in an attempt to capture bot activity.
Honey pots are machines which are deliberately left unprotected in an attempt to attract the attention of bot herders. The nefarious net users infect the machines, and details of the new bots can be reverse engineered and solutions to the problems devised.
Full details of the story can be read the Infoworld site.Infoworld: Malware Honeypots to Relaunch in ‘08
Monday, December 3rd, 2007
He’s back to avenge the death of his father Bot Roast. All fear his wrath, he is Bot Roast II. Tremble as our heroine is subjected to terrible trials, sigh as our rugged hero swoops in to save her.
B-Movie trailer aside, the FBI have announced that the success of the original Operation Bot Roast, they are launching a second version of the operation to catch illicit Bot Herders who are using loop holes on unprotected machines to launch malicious attacks including.
A more thorough discussion of the new operation has been published on Technology News Daily.
Wednesday, November 7th, 2007
There are many people who doubt that Click Fraud is a real problem, the following search phrase lead a reader to my blog.
program a clickbot
Try as hard as I can, the only reason I can see that someone would type this into Google, is to find how to setup a click fraud attack.
A low noise click bot is highly likely to bypass the Google filters, and people are out there, trying to find how to do this.
Wednesday, October 17th, 2007
I came across a interesting post about click bots, in particular a new bot to me RXBOT which has a visit command, Read the full post on Bardissi Enterprises, but the relevant section for anyone interested in click fraud is shown below
Nowadays, the lure of illegal easy money motivates most bot herders. Our video shows how crooks can force their bots to click on revenue-generating Google ad words. As another example, Rxbot has a simple-yet-effective .visit command. If you send your bots this command, followed by a URL, they silently visit that URL. Here, silently is a technical term meaning the bot victim will not see her computer visit the URL. The visit happens in the background, without any web browser involvement. So, imagine you have 100,000 bots. With one command you could easily force all those bots to visit an online poll, vote, or game. If you wanted ToneDeaf UglyDork to win American Idol, you could command all your bots to visit the American Idol voting page and submit a vote. Since every vote would come from a different IP address, the results would look legitimate. And if the flaws in American e-voting aren?t fixed before 2008, bots just might elect ToneDeaf UglyDork as President, too.
Friday, September 21st, 2007
I was fortunate enough to be given a guest blogging spot on Seo Scoop, where Dazzlin Donna let me write a post about ClickBot.A.
Wednesday, August 22nd, 2007
No this is not the latest title of a XXX rated DVD, this is an official FBI operation to crack down on ‘bot related cyber crime.
Robot or bot nets are collections of hundreds or even tens of thousands of computers infected with a virus which allows the “bot herder” or perpetrator of the attack to run programs which attack other machines on the Internet. These programs typically attempt to do the following:
- Steal the computer owner’s identity;
- Launch massive spam campaigns;
- Engage in click-fraud—schemes which artificially inflate the number of visitors to a website; and
- Launch denial of service attacks that can cripple web servers and crash sites.
The owner of the infected machine is typically unaware that their machine is under the control of the “bot herder”. It is therefore critical that end users take PC security very seriously. Anti virus software should be updated and OS patches such as those automatically sent out by Microsoft should be applied.
In the wider world of click fraud, bot net attacks can be very difficult to counter against. How does a system identify a single bot net click, which then stays on a page as if reading details against a real person clicking through and reading the contents of an e-commerce site? Expand this to tens of thousands of IP addresses and we get the very real threat of click fraud.
Details of the operation are available on the official FBI website.
“Hey Scully want to check out my bot?”
“Put that away Mulder!”