Spyware authors offer financial rewards to botnet operators 
(26/03/2008)
Spyware authors are now offering financial rewards to botnet operators and other cyber criminals who covertly install their spyware.
Selling "installs" is a common practice in the cyber-underworld, the most notable example was in 2005 when Jeanson Ancheta was arrested for building a 400,000-strong botnet and installing adware from 180 solutions for $60,000. But now the criminals have moved in a riskier direction to spyware which is illegal to download and designed to evade anti-virus detection.
The income that can be earned grows based on higher numbers of installs, which implies that the spyware is to be used with botnets and varies based on the geographical location of installation. For example, installing spyware on 1,000 machines in Australia earns $100 but only $50 in the US. Below is a sample price list:
Country: Price $ USD per 1000 unique loads:
US 50
UK 60
NL 25
FR 25
PL 18
IT 60
DE 25
ES 25
AU 100
GR 25
Other 18
Asia 3
The code is first added to a Web page which may be a phishing site, a hacked site, a site hosted on a Web server or even a botnet-hosted Web page. Instruction is then issued to the offending botnet computers to visit the page, download the code and execute it. Once the spyware is installed, it would register with the "seller" and the "affiliate" would then be paid.
This site is reminiscent and may be the same as another Russian site called iframedollars.biz that existed until recently. A simple line of code is added to an HTML page that will in turn cause a drive-by-install of spyware to the computers of any visitors to that site. MessageLabs first reported on this phenomenon in May when a staggering $11,890 was reported to have been paid out in one week alone.
While MessageLabs has not yet identified what the downloaded spyware does, it is updated every three days to evade detection. The site reads, "Our program (size: 3 Kb) is loaded to the user and it changes the homepage and installs toolbar and dialer. It’s activated and revealed in 15-30 minutes after download."
Related topics: Hacking and intrusion prevention Security threats and vulnerabilities Virus, Worm, Email security, spyware and malware
Print version | 
Email to a friend | 
Related articles
Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.
Other Security news and resources
Security News
Suppliers Directory
Jobs forum
Classifieds
Knowledge base
White papers
Research library
Security books
Special reports
Security interviews
Security companies
Security events
Security links
Security market
Product channels
Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Other Security Products
IT Security white papers and research library
Access Control Authentication Data Management Data Security Digital Signatures Email Security Identity Management Internet Security Intrusion Prevention Network Security Remote access security Security Management Security Policies Security Software Security Threats Virus Detection Software Virus Protection VPN Vulnerability Assessment Wireless Security
Security books, guides, standards and toolkits
RFID and Smart Cards books, guides and reference documents Biometric books, guides and reference documents CCTV books, guides and reference documents Intruder alarms and intrusion detection systems books, guides and reference documents Monitoring and surveillance books, guides and reference documents IT Governance, ISO 27001 ISO 17799 and BS 7799 toolkits Fire, Health & Safety books, guides and reference documents
