{"id":1451,"date":"2013-03-21T12:44:26","date_gmt":"2013-03-21T16:44:26","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=1451"},"modified":"2013-03-21T12:44:26","modified_gmt":"2013-03-21T16:44:26","slug":"chameleon-clickfraud-botnet-costs-advertisers-6-million-a-month","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/03\/21\/chameleon-clickfraud-botnet-costs-advertisers-6-million-a-month\/","title":{"rendered":"Chameleon clickfraud botnet costs advertisers $6 million a month"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/www.techspot.com\/news\/52006-chameleon-clickfraud-botnet-costs-advertisers-6-million-a-month.html\"><img decoding=\"async\" alt=\"\" src=\"http:\/\/nccomputertech.files.wordpress.com\/2013\/03\/clickfraud.jpg\" \/><\/a><\/p>\n<p>Researchers at Spider.io have detailed the discovery of a clickfraud botnet that is purportedly causing at least 70 times more financial damage than the Bamital network Microsoft and Symantec killed in early February. By its estimates, the security outfit says the &#8220;Chameleon&#8221; botnet is costing advertisers more than $6 million per month.<br \/>\nSpider.io has been tracking the network&#8217;s behavior since last December and believes it must be highly sophisticated to have evaded display advertisers, which use various algorithms to monitor site activity. The malware targets Windows PCs and uses them to access webpages with a Flash-enabled Trident-based browser.<br \/>\nCurrently, more than 120,000 host machines have been identified with 95% of them located in the US. The midwest, southwest and west coast seem to have the highest concentration of infected systems, particularly California, Hawaii and Texas, which each have 10,000 or more computers that have been affected by Chameleon.<br \/>\nThe botnet-controlled machines are directed to generate views for at least 202 websites, though more could be discovered. Spider.io says about 14 billion ad impressions are served across those sites and Chameleon is responsible for a whopping 9 billion or more of them, as well as 7 million distinct ad-exchange cookies.<br \/>\nThe researchers say the bots produce click traces and generate engagement activity similar to normal users and they can run Flash and execute JavaScript. However, the network is less impressive on a macro level as all the bots show up as running IE9 on Windows 7 and they repeatedly visit the same sites with little variation.<br \/>\nSpider.io has provided a blacklist of 5,000 IP addresses for the worst of Chameleon&#8217;s bots, but we haven&#8217;t seen any information about shutdown and cleanup efforts. Perhaps that&#8217;s underway and the researchers simply chose not to reveal anything yet. If not, this seems like a prime candidate for Microsoft&#8217;s next takedown.<br \/>\nvia <a href=\"http:\/\/www.techspot.com\/news\/52006-chameleon-clickfraud-botnet-costs-advertisers-6-million-a-month.html\" target=\"_blank\">Chameleon clickfraud botnet costs advertisers $6 million a month &#8211; TechSpot<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers at Spider.io have detailed the discovery of a clickfraud botnet that is purportedly causing at least 70 times more [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[6,7,9,10],"tags":[142,183,198,655,1167],"class_list":["post-1451","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","category-software","category-technology","tag-botnet","tag-chameleon","tag-click-fraud","tag-malware","tag-virus"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-np","jetpack-related-posts":[{"id":9343,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/05\/27\/this-week-in-tech-668-how-many-cups-in-a-stone\/","url_meta":{"origin":1451,"position":0},"title":"This Week in Tech 668: How Many Cups in a Stone?","author":"NCCT","date":"May 27, 2018","format":false,"excerpt":"https:\/\/youtu.be\/i1oqaFyVcQ0 --The FBI wants you to reboot your router right now. FBI agents have gained control of a huge Russian botnet. If your router is affected you just need to reboot it. --Facebook and Russian ads - how should government react in the age of cyber warfare? --Amazon sells facial\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/i1oqaFyVcQ0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9930,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/05\/16\/fbi-says-toss-your-old-router\/","url_meta":{"origin":1451,"position":1},"title":"FBI Says Toss Your Old Router","author":"NCCT","date":"May 16, 2025","format":false,"excerpt":"https:\/\/youtu.be\/scR199zRjvA On Security Now, Steve talks about the FBI's suggestion that we should be tossing out our old routers.","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/scR199zRjvA\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9655,"url":"https:\/\/nccomputertech.com\/techtalk\/2021\/03\/09\/fuquay-varina-and-holly-springs-computer-repair\/","url_meta":{"origin":1451,"position":2},"title":"Fuquay Varina and Holly Springs Computer Repair","author":"NCCT","date":"March 9, 2021","format":false,"excerpt":"Welcome to our blog. NC Computer Tech services Fuquay Varina, Holly Springs, and surrounding NC areas. We offer prompt, professional, courteous service with over twenty years of experience dealing with residential and small business clients offering them solutions and fixing their computer and network issues at reasonable rates. Our services\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9910,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/02\/11\/slap-and-flop-siri-ios-18-3-update-apple-music\/","url_meta":{"origin":1451,"position":3},"title":"Slap and Flop &#8211; Siri, iOS 18.3 Update, Apple Music","author":"NCCT","date":"February 11, 2025","format":false,"excerpt":"https:\/\/youtu.be\/Xwqi58VczQ4 What's going on with Siri? iOS 18.3 update is out now, along with a fix to a zero-day flaw. You can buy iPhones on eBay with TikTok installed on them as TikTok is still not available for download on the App Store. And on January 27th, 2010, Steve Jobs\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/Xwqi58VczQ4\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9403,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/10\/01\/older-than-the-mini-jack-this-week-in-tech-686\/","url_meta":{"origin":1451,"position":4},"title":"Older Than the Mini Jack &#8211; This Week in Tech 686","author":"NCCT","date":"October 1, 2018","format":false,"excerpt":"https:\/\/youtu.be\/a2BeanU0FsU Facebook breach, Elon\u2019s costly tweet, Google turns 20, and more. --How to tell if your Facebook account is one of the 50 million that were hacked this week --Why the founder of Instagram left Facebook --\"Funding secured\" tweet costs Elon Musk his chairmanship and $40 million --Google turns 20\u2026","rel":"","context":"In &quot;Social Media&quot;","block_context":{"text":"Social Media","link":"https:\/\/nccomputertech.com\/techtalk\/category\/social-media\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/a2BeanU0FsU\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9370,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/06\/24\/this-week-in-tech-672-meme-the-queen\/","url_meta":{"origin":1451,"position":5},"title":"This Week in Tech 672: Meme the Queen","author":"NCCT","date":"June 24, 2018","format":false,"excerpt":"https:\/\/youtu.be\/ZCttWvS1qJw Two HUGE Supreme Court decisions, Apple admits its keyboards suck, Europe's war on memes, and more. -- The US Supreme Court kills warrantless cell phone location fishing and okays state sales taxes on internet purchases. -- Apple offers refunds on MacBook butterfly keyboard repairs and wants to let you\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/ZCttWvS1qJw\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1451","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=1451"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1451\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=1451"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=1451"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=1451"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}