Monday, May 21, 2007

Over 400 People Clicked on an Ad Promising to Infect Their Computer

Sorry that I haven't written for a few days, but it is the start of the art show season for me and I am busy getting ready. I also have been doing some photographic jobs for clients, so that is keeping me doubly busy. This is the time of year that my blogging is drastically reduced because I am on the road so often, with sometimes only 3 days between shows. I shall endeavor to write a blog here and there when time permits just to let you know that I am alive.

If you would like to see a current list of where I will be this summer, click over to my Web site for the most current list of my upcoming shows. Keep in mind that it is not yet completed yet as there are still more shows that will be added. By the way, if you would like to see some of my new works for this year, click here and you can see some of them. More will be added very soon.

Now for today's blog:

Would you believe that 409 people have clicked on an on-line advertisement that promised to infect their computer with a virus? The ad offers infection for those with virus-free PCs. The ad was placed by a person who identifies himself as security professional Didier Stevens. It reads like this:

Drive-By Download
Is your PC virus-free?
Get it infected here!
drive-by-download.info

Stevens, who says he works for Contraste Europe, a branch of the IT consultancy The Contraste Group, has been running his Google Adwords campaign for six months now and has received 409 hits. Stevens has done similar research in the past, such as finding out how easy it is to land on a drive-by download site when doing a Google search.

First, Stevens bought the drive-by-download.info domain. .info domains are notorious for hosting malware, he points out. Then he set up a server to display the innocuous message "Thank you for your visit" and to log the requests. No PCs were harmed in this experiment, he emphasizes. The site is benign and has never hosted malware or other scripts or code.

Of the 409 people who clicked, 98 percent were running Windows machines, according to the user agent string, which is a text string that identifies a Web site visitor to a server. Stevens says that he designed his ad to make it look fishy, but he had no problem getting Google to accept it and has had no complaints to date. And, although a healthy amount of people clicked on it, he said there's "no way to know what motivated them to click on my ad. I did not submit them to an IQ-test."

I shall contain myself from any further comments and just let you be the judge.

No comments: