Hi All,

This is my first post, although I have been reading xpt for quite a while now. I do IT security for a living and started out almost 10 years ago now by providing security services for adult sites.

I currently run the threat research group for an anti-botnet company, and I am hoping to reach out to the industry for some assistance. We are tracking a fairly new botnet that utilizes traffic sharing arrangements with legitimate adult sites to "socially engineer" new victims into installing their malware via the ol' "install this new codec to watch our pr0n" routine. The attack vector is not new, but the malware they are delivering is.

This executable is updated (re-packed) constantly and will blow past nearly every AV product on the market.

I don't want to get too technical in this post about how the malware works, or about the client-side / browser exploits they use if you are smart enough not to download the "codec", but if anyone would like more detail feel free to PM me.

Anyway... Once the malware is on the victim's system, it is given a list of adult sites to visit with some type of referrer ID. The system will visit those sites, emulate clicking around, and then go back to the bot master for a new list. All this activity is completely invisible to the victim, as in they don't know or see their system visiting these sites.

The end result is that the botmasters are trying to make a lot of money by controlling hundreds of thousands (possibly over a million now) of computers, and defrauding legitimate adult sites via traffic or pay-per-click programs.

So where I am looking for help is in the following:

1) I don't have a clear understanding of how traffic sharing or referrer and pay-per-click programs work in the industry these days. How exactly is this making the botmasters money when there is no chance the victim will sign up? The victim never even sees the site their computer is going to.

2) I could use an industry eye to help me analyze the referrer ID(s) they are using. Is it part of a major program, or ...

3) I could use some help in understanding relationships between sites. It can be difficult for me to tell if a site is legit and unknowingly redirecting traffic to the malware delivery sites, or if the site was set up by the bad guys.

If any of you have more questions, or would like to verify my creds etc., feel free to PM me.

Thanks!
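The post describes bots landing on a site with a referrer ID and then emulating a few clicks. For a site operator who wants to spot that pattern in their own logs, here is an added example (not from the original post or the poster's research group) of a small log-analysis script. It assumes the affiliate or traffic-trade program tags landing hits with a `?ref=<ID>` query parameter, that the site keeps Apache "combined" format access logs, and that the sample lines, IP addresses and ref IDs (`AFF-4412`, `AFF-9901`) are constructed for illustration; the "suspicious" heuristic (many IPs, a single User-Agent string, one identical click path) and its thresholds are assumptions, not something the post states.

```python
"""Flag referrer/affiliate IDs whose inbound traffic looks machine-generated.

Added example, not from the original post. Assumes ?ref=<ID> on landing hits
and Apache "combined" access logs. Sample data and thresholds are constructed.
"""
import re
from collections import defaultdict
from urllib.parse import urlparse, parse_qs

# Constructed sample log (not real traffic). AFF-4412 is two "human" visitors
# with different browsers and click paths; AFF-9901 is three hosts that share
# one User-Agent and walk exactly the same path at the same pace.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Oct/2008:13:55:36 +0000] "GET /?ref=AFF-4412 HTTP/1.1" 200 5120 "http://www.example-tgp.test/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) Firefox/3.0.3"
198.51.100.7 - - [10/Oct/2008:13:56:02 +0000] "GET /tour/3.html HTTP/1.1" 200 4100 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) Firefox/3.0.3"
198.51.100.22 - - [10/Oct/2008:13:57:10 +0000] "GET /?ref=AFF-4412 HTTP/1.1" 200 5120 "http://www.example-tgp.test/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
198.51.100.22 - - [10/Oct/2008:13:58:45 +0000] "GET /join.html HTTP/1.1" 200 3900 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
203.0.113.10 - - [10/Oct/2008:14:00:00 +0000] "GET /?ref=AFF-9901 HTTP/1.1" 200 5120 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
203.0.113.10 - - [10/Oct/2008:14:00:05 +0000] "GET /tour/2.html HTTP/1.1" 200 4100 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
203.0.113.11 - - [10/Oct/2008:14:00:00 +0000] "GET /?ref=AFF-9901 HTTP/1.1" 200 5120 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
203.0.113.11 - - [10/Oct/2008:14:00:05 +0000] "GET /tour/2.html HTTP/1.1" 200 4100 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
203.0.113.12 - - [10/Oct/2008:14:00:01 +0000] "GET /?ref=AFF-9901 HTTP/1.1" 200 5120 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
203.0.113.12 - - [10/Oct/2008:14:00:06 +0000] "GET /tour/2.html HTTP/1.1" 200 4100 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
"""

# Apache combined log format: ip ident user [ts] "req" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<url>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Parse one combined-format line; return a dict or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    hit = m.groupdict()
    parsed = urlparse(hit["url"])
    hit["path"] = parsed.path
    # Assumption: the program's referrer ID arrives as ?ref=<ID> on the landing hit.
    hit["ref"] = parse_qs(parsed.query).get("ref", [None])[0]
    return hit


def sessions_by_ref(lines):
    """Group hits into per-IP sessions, keyed by the ref ID seen on that IP's landing hit."""
    ip_ref = {}                                          # ip -> ref ID
    sessions = defaultdict(lambda: defaultdict(list))    # ref -> ip -> [hits]
    for line in lines:
        hit = parse_line(line)
        if hit is None:
            continue
        if hit["ref"]:
            ip_ref[hit["ip"]] = hit["ref"]
        ref = ip_ref.get(hit["ip"])
        if ref:                       # hits from IPs that never carried a ref are ignored
            sessions[ref][hit["ip"]].append(hit)
    return sessions


def score_refs(sessions, min_ips=3):
    """Per ref ID: distinct IPs, UA diversity, distinct click paths, and a verdict."""
    report = {}
    for ref, per_ip in sessions.items():
        uas = {h["ua"] for hits in per_ip.values() for h in hits}
        paths = {tuple(h["path"] for h in hits) for hits in per_ip.values()}
        n_ips = len(per_ip)
        report[ref] = {
            "ips": n_ips,
            "ua_ratio": round(len(uas) / n_ips, 2),   # distinct UAs per IP; ~1.0 looks human
            "path_variants": len(paths),
            # Heuristic (assumption): enough IPs, exactly one UA string, one identical click path.
            "suspicious": n_ips >= min_ips and len(uas) == 1 and len(paths) == 1,
        }
    return report


def analyze(log_text=SAMPLE_LOG):
    """Run the whole pipeline over a block of log text."""
    return score_refs(sessions_by_ref(log_text.splitlines()))


if __name__ == "__main__":
    for ref, metrics in analyze().items():
        print(ref, metrics)
```

Point the script at a real access log (`analyze(open("access.log").read())`) and it reports each ref ID with its IP count, User-Agent diversity and number of distinct click paths; a program whose traffic is almost entirely one UA walking one path is worth a closer look, though a single shared corporate proxy or a very small landing funnel can also trip it, so treat the verdict as a triage hint rather than proof.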