Botnet Click Fraud On The Rise
by Blight Crusader
Click fraud numbers were just released for the third quarter of 2009, and the usage of botnets to generate such fraud is on the rise — up to almost 43 percent of all click fraud is now automatically generated from botnets. This is up from around 27 percent a year ago, it should be noted.
But the most insidious thing in the report is that these attacks are getting a lot more sophisticated, by spreading relatively low volumes of clicks across as wide a network of botnet-infected computers as possible, to “fake” more normal traffic patterns than the old, more brute force methods. This makes it harder to stop click fraud, unless you’re using security software designed to ferret this sort of thing out.
PC World has the full story:
Networks of hacked computers are being used more than ever to click on advertisements, a scam known as click fraud that cheats search engines, publishers and ad networks out of revenue.
For the third quarter of the year, 42.6 percent of fraudulent clicks came from botnet-infected computers, according to Click Forensics, a company that produces tools to detect and filter out fraudulent clicks. The figure is the highest in four years, when Click Forensics began producing reports. For the same quarter a year ago, botnets accounted for 27.5 percent of bad clicks.
Botnets are a powerful tool for hackers. They can be used to send spam, harvest data and conduct distributed denial-of-service attacks against Web sites. And the malicious software infecting PCs that are part of botnets is continuously being developed for other evil purposes.
“What we are seeing is that click fraud is now a component of these botnets as well,” said Paul Pellman, CEO of Click Forensics.
Click Forensics doesn’t calculate how much the click fraud costs advertisers and publishers, but it is a significant problem: For the latest quarter, Click Forensics calculates the overall click fraud rate was around 14.1 percent. The statistic comes from an analysis of traffic on 300 ad networks.
For advertisers and ad networks, that means that 14.1 percent of the clicks on their ads are bogus, which costs them money. Those who are perpetrating click fraud are getting much more sophisticated.
“It’s never any one thing that identifies traffic as fraudsters,” Pellman said.
An obvious indicator is a high frequency of clicks from a group of computers. Click Forensics employs machine-learning to spot anomalous patterns that may indicate click fraud. It also distributes a block list that publishers can use to keep low-quality traffic coming from known click-fraud offenders, Pellman said. The highest volume of bad clicks for the latest quarter came from the U.K., Vietnam and Germany.
If a computer is infected with botnet click-fraud code, the program will open a browser window that has a length and width of zero, which is invisible to the user, Pellman said. It will then cycle through preprogrammed Web sites and click on certain ads.
The latest trick has been to let the botnet’s computers click on ads with a low frequency across a high number of computers. The goal is to make the traffic look “as much as possible like real traffic,” Pellman said.
“The fraudsters continue to get more and more sophisticated,” he said.
