Methodologies of the RBN - Search Exploit
(Page 4 of 4 )
Another method used by the RBN is to create fake websites, then use botnets to post in blogs and forums in order to link back to those fake sites for two purposes: to install a piece of malware known as Scam.Iwin, which turns the user's computer into a zombie and uses it to generate pay-per-click revenue for the attacker. It can also install other malware.
By linking back to the fake sites, the botnets also drive up the search ranking of sites, often giving them a top three page ranking on search engines like Google, Yahoo, and MSN. The group has reportedly done this for hundreds of keywords, such as "infinity" and "hospice."
Back in November, Google reportedly cleansed some 40,000 of the malware hosting sites, though they have yet to deny or confirm this. Google did, however, recently come out with a report that stated more than 3 million sites contained malicious code that was intended to install software on a user's computer. That equates to roughly 1 in 1,000 of the web pages on the Internet.
Well that's all the time we have for this article. Next week, DevShed writer Michael Lowry takes up an article on the different types of denial of service attacks used by groups such as the RBN, then it's back here for a look at some other RBN tactics.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |