The Flashback Trojan Made Its Makers $10,000 a Day


If you've ever wondered why people write malware, it's just like anything else – it's all about the money. Symantec has worked out that the evil-doing bottom-feeders behind that nasty Flashback Trojan, which caught the Mac world with its pants down, were raking in around $10,000 a day.

Apparently Flashback was cheating Google out of ad money on a colossal scale, redirecting clicks and banking the cash. With 100,000s of users unknowingly infected, all those tiny 5p clicks quickly added up, and that was just one variant of the Trojan.

With that much money on the line it's no wonder Macs have become a target – Windows users are supposedly wiser to these kinds of things. In theory it's a lot easier, once you've actually managed to get onto a Mac, to hide out there earning serious money. Now that they've successfully proved Macs are vulnerable, and made a hatful of money in the process, don't expect the Mac to escape Windows-style virus hell – where there's a will, there's a way. [Symantec via MacWorld UK]


Image by Images of Money under Creative Commons license



Our newest offspring Gizmodo UK is gobbling up the news in a different timezone, so check them out if you need another Giz fix.


DISCUSSION

I'm guessing this is probably how they make their money...

The worm somehow affects cookie activity. It either changes or replaces the ad serving cookies to route ad traffic to their own platform. The publisher sites hosting the ad inventory (usually longtail publishers) were prevented from routing higher priority Google ads and instead were defaulted to this hacker group's ad serving platform. So basically, Google ads were 'bumped' or 'defaulted', never served and they lost out on the revenue from this to the tune of $10k a day.

EDIT: To add, this hacker group probably uses a third party ad-server and acquires the inventory from a DSP trading desk or exchange. So, the companies advertising are usually pretty low on the brand integrity scale (think ExtenZe and not McDonald's) and don't even know who's hosting or delivering their ad since ComScore (digital ad measurement) can lose track of impressions and other metrics after just a few exchanges.

That way they stay anonymous if you try to follow the crumb trail back to the ad server if you're trying to catch them.