Ashley Carman published an article today on SCMagazine.com that deals with click fraud malware and how it can lead to bigger problems. In her article she referenced a report by Damballa.com that was basically a overview of all potential infections going around the web. The report points out that click fraud malware is usually deemed “low risk” but it can lead to bigger problems.
From the article:
In the report’s RuthlessTreeMafia group example, a victim was infected with click-fraud malware through a phishing email. Once infected with this initial malware — the group used Asprox — the malware’s Command and Control (C&C) server then updated the impacted device with additional malware. One was a rootkit and the other a click-fraud installer.
Eventually, after exploiting the infected machine to make money off click-fraud, the attackers sold it to other cybercriminals who dropped the CryptoWall ransomware on it. The entire attack took two hours to go from an initial click-fraud infection to three more click-fraud infections, plus Cryptowall.
Constrained IT teams often can’t deal with every click-fraud threat, Newman said. However, instead of primarily focusing on preventing devices from infection, teams should monitor machines at all times. This could allow for quick responses, he said.
Read the full article on SCmagazine.com
SoFreeDomains says
I still believe that prevention is a better approach, the technique for developing the malware may need changes.