Virus writers have crafted a malware threat that serves up expensive Google AdSense web pages related to mesothelioma, a rare cancer caused by exposure to asbestos.
Industry workers affected by the disease have launched a series of lawsuits, a factor that means "ambulance chasing" lawyers pay through the nose to get a mention when searches for the term "mesothelioma" are made. The cost-per-click for the term "mesothelioma" is among the highest in the online ads business ranging from $4 to $13 and higher on various keyword bidding networks.
This, in turn, makes the term a prime target for click-fraud. Google AdSense allows online publishers to make revenue by displaying Google ads relevant to the content of their site. Because Google pays the host Web site based on the number of clicks on their ads, the process can be susceptible to "click-fraud".
The KMeth worm, which targets Yahoo! Messenger users, directs infected users to a web site serving a barrage of Google AdSense advertisements related to mesothelioma. Financially-motivated malware writers apparently hope to cash on the ruse through shares in the resulting advertising commissions which we doubt will materialise. Fraud detection mechanisms employed by Google are more than likely to identify rogue sites generating suspiciously high returns using such illicit tactics but that doesn't eliminate the other security risks consumers face from the worm.
KMeth exploits IE vulnerabilities to infect surfers who visit malware infested sites controlled by hackers, promoted through IM messages sent to the Yahoo! Messenger contacts of infected users. The "status message" in Yahoo! Messenger can also be also hijacked, presenting potentially enticing messages to their contacts, such as "check out my blog" in order to trick potential marks into becoming infected, IM security firm FaceTime reports.
Meanwhile an infected user's IM control panel is disabled, and their home page is hijacked to point towards rogue web sites designed to generate maximum revenue through click fraud. Using malware to perpetrate click-fraud is an established technique but the KMeth worm extends this idea by employing a battery of social engineering techniques.
"Typically, financially-driven malware attacks use botnets to fraudulently increase traffic to specific online advertisements," said Chris Boyd, director of malware research for FaceTime Security Labs. "In this case, the hackers have cleverly borrowed tactics from botnet-creators to create a bot-less network of hijacked PC users to drive traffic to sites populated with these specific Google AdSense advertisements. Introducing the human factor into the scenario makes these 'bot-less nets' much more difficult to detect."
Know Everything
Saturday, October 07, 2006
MySpace acquisition a $20 billion fraud?
Brad Greenspan, one of the original founders of the MySpace universe, published a report that claims that News Corp.'s 2005 acquisition of MySpace may have defrauded shareholders by "more than $20 billion." Greenspan has requested further investigation by the Securities and Exchange Commission, the U.S. Department of Justice and the U.S. Senate Committee on Finance.
Greenspan claims that records he obtained indicate "one of the largest merger and acquisition scandals in U.S. history." According to the former chairman and chief executive officer of Intermix Media, which invested $1 million into the creation of MySpace, shareholders "were blatantly misled into voting for a quick and unfair sale" and "deliberate steps were taken to withhold and manipulate information." He also claims that money was improperly gained and laws were broken.
Greenspan hopes that MySpace's $580 million acquisition by News Corp. in July 2005 will be "unwound" and MySpace will be independent. "An independent MySpace is significantly better for its users and shareholders," he said. The report, freely available at freemyspace.com, lists several quotes - which Greenspan says are taken from email conversations between the parties involved in the acquisition: If authentic, the emails could provide some evidence that the negotiating individuals were aware of a much higher value of MySpace, and profited from the deal later on.
A key accusation of Greenspan is that Intermix and News Corp. withheld information about the revenue of MySpace, which grew "at a 1200% annualized rate" and was on track hitting $250 million for the year. "Shareholders were forced to trust the recommendation of Intermix' Board and were under the impression MySpace was unable to turn its massive traffic into revenues," Greenspan writes.
So how does Greenspan fit into this picture?
Greenspan, who founded eUniverse, claims to have had the idea for MySpace and is believed to have spent about $1 billion to get MySpace with his firm off the ground back in 2003. Other key people involved in the founding included by Tom Anderson and Chris DeWolfe, the current chief executive of MySpace. After arguments - which included accounting issues - with board members, Greenspan was forced to the leave the company, which changed its name to Intermix Media after his departure. Greenspan tried at least twice to claim back his company in proxy proceedings, which, however, were unsuccessful. Greenspan ended up with a $47 million check from the News Corp. acquisition of Intermix.
His claim that MySpace was worth substantially more than the $580 million News Corp. paid, could either increase his check or hand him back a social networking site that currently has more than 110 million members, a $900 million Google advertising deal as well as recently announced music distribution agreements for its members.
Greenspan now aims his accusations at Richard Rosenblatt, who took over at eUniverse and Intermix as CEO after Greenspan's departure. "In addition to Rosenblatt's stunning and incriminating emails, the two highest non-director senior executives, chief financial officer Lisa Terrill and chief operating officer Sherm Atkinson, have come forward through their legal counsel indicating significant breaches of fiduciary duty by Rosenblatt and the directors as part of the News Corp. transaction," Greenspan said. "The MySpace Report" shows that Richard Rosenblatt knew before the transaction that MySpace was well on its way to becoming worth at least $20 billion."
MySpace did not comment on Greenspan's accusations.
Greenspan claims that records he obtained indicate "one of the largest merger and acquisition scandals in U.S. history." According to the former chairman and chief executive officer of Intermix Media, which invested $1 million into the creation of MySpace, shareholders "were blatantly misled into voting for a quick and unfair sale" and "deliberate steps were taken to withhold and manipulate information." He also claims that money was improperly gained and laws were broken.
Greenspan hopes that MySpace's $580 million acquisition by News Corp. in July 2005 will be "unwound" and MySpace will be independent. "An independent MySpace is significantly better for its users and shareholders," he said. The report, freely available at freemyspace.com, lists several quotes - which Greenspan says are taken from email conversations between the parties involved in the acquisition: If authentic, the emails could provide some evidence that the negotiating individuals were aware of a much higher value of MySpace, and profited from the deal later on.
A key accusation of Greenspan is that Intermix and News Corp. withheld information about the revenue of MySpace, which grew "at a 1200% annualized rate" and was on track hitting $250 million for the year. "Shareholders were forced to trust the recommendation of Intermix' Board and were under the impression MySpace was unable to turn its massive traffic into revenues," Greenspan writes.
So how does Greenspan fit into this picture?
Greenspan, who founded eUniverse, claims to have had the idea for MySpace and is believed to have spent about $1 billion to get MySpace with his firm off the ground back in 2003. Other key people involved in the founding included by Tom Anderson and Chris DeWolfe, the current chief executive of MySpace. After arguments - which included accounting issues - with board members, Greenspan was forced to the leave the company, which changed its name to Intermix Media after his departure. Greenspan tried at least twice to claim back his company in proxy proceedings, which, however, were unsuccessful. Greenspan ended up with a $47 million check from the News Corp. acquisition of Intermix.
His claim that MySpace was worth substantially more than the $580 million News Corp. paid, could either increase his check or hand him back a social networking site that currently has more than 110 million members, a $900 million Google advertising deal as well as recently announced music distribution agreements for its members.
Greenspan now aims his accusations at Richard Rosenblatt, who took over at eUniverse and Intermix as CEO after Greenspan's departure. "In addition to Rosenblatt's stunning and incriminating emails, the two highest non-director senior executives, chief financial officer Lisa Terrill and chief operating officer Sherm Atkinson, have come forward through their legal counsel indicating significant breaches of fiduciary duty by Rosenblatt and the directors as part of the News Corp. transaction," Greenspan said. "The MySpace Report" shows that Richard Rosenblatt knew before the transaction that MySpace was well on its way to becoming worth at least $20 billion."
MySpace did not comment on Greenspan's accusations.
Google Code Search - Good/ Bad
Google on thursday unvieled Code search as a tool to help simplify life for developers, can also be misused to search for software bugs, password information, and even proprietary code that shouldn't have been posted to the Internet in the first place, security experts said Friday.
Unlike Google's main Web search engine, Google Code Search peeks into the actual lines of code whenever it finds source-code files on the Internet. This will make it easier for developers to search source code directly and dig up open-source tools they may not have known about, but it has a drawback.
"The downside is that you could also use that kind of search to look for things that are vulnerable and then guess who might have used that code snippet and then just fire away at it," said Mike Armistead, vice president of products with source-code analysis provider Fortify Software Inc.
Attackers could also search code for vulnerabilities in password mechanisms, or to search for phrases within software such as "this file contains proprietary," possibly unearthing source code that should never have been posted to the Internet.
Security experts say that the security implications of Google Code Search are noteworthy, if not earth-shattering.
Skilled hackers may already be able to do this type of search with Google's Web search engine, but Code Search is "another tool that makes it a tad easier for the attacker," said Johnny Long, a security researcher with Computer Sciences Corp, in an e-mail interview.
For its part, Google did not have much to say about possible misuse of its new product. "Google recommends developers use generally accepted good coding practices including understanding the implications of the code they implement and testing appropriately," the company said in a statement.
Google has never said much about the steps it takes to cut down on this kind of misuse of its search engine, though the issue comes up from time to time. In July, Websense Inc. used a little know binary search capability within Google Inc.'s search engine to look for malware on the Internet.
While Google Code Search will probably not have much of an effect on popular open-source projects, which are already heavily scrutinized, it could help ferret out vulnerabilities in lesser known pieces of code, according to Lev Toger, a software developer with Beyond Security Ltd.
"Using Google's code search, it's much easier to find interesting code portions," he said via e-mail. "If your task is to find vulnerability in some random code, this filtering can save you a lot of time. "
Unlike Google's main Web search engine, Google Code Search peeks into the actual lines of code whenever it finds source-code files on the Internet. This will make it easier for developers to search source code directly and dig up open-source tools they may not have known about, but it has a drawback.
"The downside is that you could also use that kind of search to look for things that are vulnerable and then guess who might have used that code snippet and then just fire away at it," said Mike Armistead, vice president of products with source-code analysis provider Fortify Software Inc.
Attackers could also search code for vulnerabilities in password mechanisms, or to search for phrases within software such as "this file contains proprietary," possibly unearthing source code that should never have been posted to the Internet.
Security experts say that the security implications of Google Code Search are noteworthy, if not earth-shattering.
Skilled hackers may already be able to do this type of search with Google's Web search engine, but Code Search is "another tool that makes it a tad easier for the attacker," said Johnny Long, a security researcher with Computer Sciences Corp, in an e-mail interview.
For its part, Google did not have much to say about possible misuse of its new product. "Google recommends developers use generally accepted good coding practices including understanding the implications of the code they implement and testing appropriately," the company said in a statement.
Google has never said much about the steps it takes to cut down on this kind of misuse of its search engine, though the issue comes up from time to time. In July, Websense Inc. used a little know binary search capability within Google Inc.'s search engine to look for malware on the Internet.
While Google Code Search will probably not have much of an effect on popular open-source projects, which are already heavily scrutinized, it could help ferret out vulnerabilities in lesser known pieces of code, according to Lev Toger, a software developer with Beyond Security Ltd.
"Using Google's code search, it's much easier to find interesting code portions," he said via e-mail. "If your task is to find vulnerability in some random code, this filtering can save you a lot of time. "
Subscribe to:
Posts (Atom)