After reading a blog post at np-incomplete I started looking into a website called installscash.org. A few other writers have caught this as well and done a bit of research on what the site proposes. Very similar to the iframedollars.biz operation out of Russia last year this site promises “payouts” for every website that you add a one line iframe to.
A few things caught my attention. The first is this link
to a forum where the webmasters had no idea what the program was really about. The post’s author seems genuinely shocked that such a program offering large payouts was in fact distributing trojaned programs.
He was no doubt interested in the payouts of $3-15 dollars depending on the location of the computer. Among other affiliate programs this one is clearly the most lucrative however not everyone immediately recognizes the pure evilness of a site’s intentions.
One independent test ran on the executable showed only 11 of 30 anti virus engines were able to pick up on the trojan. There were also mentions of the DNS registration being the victim of ID Theft.
Some other interesting links:
http://www.channelregister.co.uk/2008/03/19/botnet_spyware_scam/
http://www.informationweek.com/story/showArticle.jhtml?articleID=163700819
