Inside the Effort to Kill a Web Fraud 'Botnet'
For months, investigators at Microsoft Corp. hunkered down in front of their computer monitors, patiently stalking the shadowy figures behind what the company says is a major Web ad-fraud machine.
Then, on Thursday, they pounced. Armed with a court order and law enforcement help overseas, the team took steps to cut off communication links to European-based servers considered the mega-brain for an army of zombie computers known as ZeroAccess.

Criminals for years had used the ZeroAccess "botnet," which combines the power of more than 2 million hijacked computers—or bots—around the world, to fraudulently bill some $2.7 million a month from online advertisers, company investigators say.

Microsoft doesn't know precisely who is behind ZeroAccess, nicknamed after code in the malware, but suspects the operators are based in Eastern Europe. Last week the company filed a civil suit in federal court in Texas, where there is a high concentration of bots. It got authorization to knock out connections between infected computers in the U.S. and the European-based servers linked to a core of 18 IP addresses. The unit said it also worked with the European law enforcement agency Europol to seize the computer servers, located in Latvia, Germany, Switzerland, Luxembourg, and the Netherlands.


The coordinated attack reflects increasingly aggressive efforts by businesses to police a largely unpoliced world, where hackers are scheming to grab some of the money flowing into digital ads.

Microsoft's Digital Crimes Unit recently moved into a new 16,800 square-foot headquarters in Redmond, Wash., to wage its war. Touch-screen monitors detailing the workings of suspected cybercriminals blink on the walls. The team, which numbers more than 100, juggles around five malware cases at a time, among other digital crimes.
This year, digital-ad spending in the U.S. is expected to rise 14.9% to $42.3 billion, according to eMarketer. Security company Solve Media Inc. estimates that digital losses world-wide for display advertising alone could run as high as $10 billion this year.
As the industry has ballooned online, so has its complexity, creating a labyrinth of openings for criminals. The growing automation of stock-market-like advertising exchanges, where fast-paced trading in ad space between multiple parties is hard to track, has opened up a particular vulnerability in the ecosystem, security firms say. An explosion in websites and many layers of new middlemen have made it easy for fraudsters to hide out, the firms say.
At its most basic, digital ad fraud involves generating fake traffic. It works because marketers pay websites for advertising space, with the payments typically determined by the number of people who are supposedly clicking on the site and able to see the spot.
A popular scam involves gaming that basic business model. Hackers build websites and direct hijacked computers to them, to give the appearance of real Web traffic. Advertisers' pitches, drawn by the traffic, then appear on the fake sites where there is no real audience. Sometimes the advertisers pay directly and other times through middlemen.
Source: WSJ
