Stealthy click fraud tool exploits 9ball attack

Custom Search

Hack in The Box
Free PC Security
TechAirlines
Electricity Prices
Texas Electricity
Electricity Rates in Texas
Electric Companies in Texas
Freeware
OnlineSchutz
NewsApp Portal
Chicago Attorney's

[Welcome to SCforum.info - Security [CENTRAL] Forum]

Welcome to SCforum.info - Security [CENTRAL] Forum, a home of the SCF Community devoted to provide Computer related News, Alerts, Downloads and FREE Help in such a way that even the novice computer user can understand.

Getting started using our community is extremely easy, check the two steps below:

Step 1: Create an account by clicking here. It's completely free with no hidden strings attached.

Step 2: If you have a computer problem and need some help, or just want to take part in opened discussions, simply visit: "FORUM". Once you *Register an account, you can quickly post your questions and comments.

(*Registered Members get: free support, also, they can communicate privately with other members via PM, removal of this message, see fewer ads and much more...)

[mike2009]

Miscreants have developed one of most sophisticated click fraud malware applications to date.

The Trojan code - dubbed FFsearcher by security firm SecureWorks - plugs into a Google API that allows webmasters to add a Google-powered search widget (called "Google Custom Search") to their website. In normal use, search results made via the widget are displayed alongside Google AdSense ads, with webmasters receiving a small fee every time a surfer follows an ad.

The malware hijacks this feature so that every search an infected user makes is performed through a search widget under their control, so that they get paid by Google every time a surfer clicks on a sponsored ad. Hackers have also worked out a means to pull off this sleight of hand without giving any indication to surfers that anything might be amiss. Google might find it hard to unravel instances of fraud.

As such, the attack is more sophisticated than previous click fraud approaches, which relied on tricks such as changing a surfer's start page and searches to point to a third-party search engine, types of behaviour that might more easily be detected. FFsearcher works on both IE and Firefox.

"Every click on an ad is user-generated, and the user never notices any change in their web-surfing experience," writes Joe Stewart, director of malware analysis at SecureWorks.

FFsearcher is part of the exploit bundle spread by the recent Nine-ball mass compromise, SecureWorks adds. A comprehensive write-up of the attack - complete with screenshots - can be found at http://secureworks.com/research/threats/ffsearcher.