BotNet Commits Pay-Per-Click Fraud
The Clickbot.A Trojan installed on 34,000 vulnerable PCs has been exploiting pay-per-click advertising programs, and the amount of money stolen this way could make the legendary robberies of the past pale in comparison.
Forget about “The Italian Job”. The Clickbot.A Trojan’s potential haul makes that look like, well, a movie. With antivirus firm Panda Software reporting the Trojan is on 34,000 PCs located in various parts of the world.
The bots receive instructions from several web servers, according to Panda’s advisory:
Panda did not name company whose advertisements are being targeted by the Clickbot.A network. The Trojan activates on infected machines whenever a user launches Internet Explorer.
The financial impact of the fraud scheme could be tremendous. Depending on the number of clicks and cost per click of each ad, the numbers may reach into the billions. Publishing 2.0 writer Scott Karp provided some possible figures in his post on the issue:
100 clicks/day X $1/click X 34,000 computers X 365 days = $1.2B annual fraud
100 clicks/day X $5/click X 34,000 computers X 365 days = $6.2B annual fraud
For the first 3 months of 2006, Google reported $928 million in “network” ad revenue, on track for $4 billion in 2006. What if 5% of that is fraudulent? What if it’s 10% or 25% or 40%?
David Utter is a staff writer for WebProNews covering technology and business.