The Botnet-Spyware Love Affair
Wired and other news outlets are reporting that the FBI has arrested a 20-year-old Los Angeles man on charges that he used viruses to take control over 400,000 computers and use them as a giant install base for spyware. The scheme, authorities allege, netted the defendant $60,000, a BMW and computer equipment.
Wired's Kevin Poulson reports: "According to prosecutors, in 2004 and early 2005 Ancheta used a customized form of the 'rxbot' Trojan horse program to find and take control of large collections of vulnerable PCs, spinning them into 'botnets' capable of being directed as one. He then installed ad-delivery programs from two adware firms: Quebec-based Gammacash and LOUDcash, which was purchased by adware giant 180solutions and renamed ZangoCash earlier this year."
According to my own reporting, this type of business arrangement is rampant. There are plenty of hackers who -- with thousands of hacked home computers under their control -- can sign up to become distributors for these adware and spyware companies and make bundles of money doing it.
In August, adware maker 180Solutions sued seven former distributors it accused of using botnets to install its software on tens of thousands of hacked home PCs.
Also in August, FBI and foreign law enforcement officials arrested a Turkish man and a Moroccan youth thought to be responsible for writing versions of the Zotob worm. According to evidence turned up shortly after their arrest, the men also appeared to be using botnets to install adware and spyware.
During a recent visit I made to the company, 180Solutions executives spent several hours explaining methods the company is putting in place to make sure guys like Ancheta never get paid. The FBI investigation almost certainly has been ongoing for some time now, but I'm afraid this won't be the last time we'll hear about botnet owners getting paid to install 180's software.
Posted by: Fed Up in FL | November 5, 2005 1:10 AM | Report abuse
Posted by: 0x80 | November 6, 2005 2:39 AM | Report abuse
Posted by: Ken L | November 7, 2005 2:23 AM | Report abuse
The comments to this entry are closed.