Botnet hunters tracking the latest MS06-040 worm attack estimate that one malicious hacker earned about $430 in a single day by installing spyware programs on thousands of commandeered Windows machines.
Security researchers are the German Honeynet Project discovered a direct link between the botnet-building attack and DollarRevenue, a company that pays between a penny and 30 cents per installation of its heavily criticized ad-serving software.
Within 24 hours, the IRC-controlled botnet hijacked more than 7,700 machines via the Windows Server Service vulnerability and hosed the infected computers with the noxious DollarRevenue files.
During a four-day stretch, researchers at the Manheimm, Germany, honeynet project counted about 9,700 infections from a single command-and-control center and calculated that the attacker was making hundreds of dollars a day in commissions from DollarRevenue alone.
"This is a lucrative business," said Thorsten Holz, a project founder who spends much of his life monitoring botnets. "He's earning more than $430 in a single day with DollarRevenue, and that's not the only piece of adware he's installing. He's installing others and also renting his botnet out to spammers," Holz said in an interview with eWEEK.
See full story: