Click-fraud malware employs new twist

Researchers are unclear about how this latest version is spreading, or how it is monetising itself.
Researchers are unclear about how this latest version is spreading, or how it is monetising itself.

 

The notorious Sefnit malware family that has been out of commission for the last two years is being used in a new click-fraud scam.

Geoff McDonald, a researcher at Microsoft’s Malware Protection Centre, has reported new click-fraud activity linked to the malware.

He added that the Mevade Trojan, that made headlines recently for being the first large botnet to use Tor to ‘anonymise’ and hide its network traffic, can be linked to Sefnit, and that Microsoft has concluded the two are from the same family.

In his blog, McDonald said Sefnit is a well-known threat, which includes a component capable of performing click-fraud.

“From our observations in the wild, this particular component disappeared near the end of 2011. In June 2013, we discovered a new click-fraud component, which we originally classified as Mevade.”

 

He added that the Mevade Trojan, that made headlines recently for being the first large botnet to use Tor to ‘anonymise’ and hide its network traffic, can be linked to Sefnit, and that Microsoft has concluded the two are from the same family.

In his blog, McDonald said Sefnit is a well-known threat, which includes a component capable of performing click-fraud.

“From our observations in the wild, this particular component disappeared near the end of 2011. In June 2013, we discovered a new click-fraud component, which we originally classified as Mevade.”

http://www.itweb.co.za/index.php?option=com_content&view=article&id=67683:Click-fraud-malware-employs-new-twist

Advertisements

About Gregory D Evans

Gregory Evans is one of the worlds greatest security consultants. Go to http://GregoryDEvans.com for more details.
This entry was posted in internet safety and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s