Third Parties Paid to Install Malware

^{August 20, 2011}
Networking Group researchers have found that the majority of the most active malware distributors pay third parties to install their malicious software on at least some of the computers they infect. Networking researchers Chris Grier, Christian Kreibich, and Vern Paxson, in collaboration with Juan Cabellero of IMDEA Software Institute, won an Outstanding Paper Award at the USENIX Security Symposium 2011 for the work, which was featured in the MIT Technology Review. Researchers infiltrated four "pay-per-install" providers and downloaded over a million instances of malware. They found that twelve of the 20 families of malware distributors seen most frequently use "pay-per-install" providers to infect machines. Pay-per-install services cost pennies per machine infected, suggesting that even if a botnet — a potentially very large group of malware-infected computers under the unified command of a single person — is completely wiped out, it could be inexpensively rebuilt from scratch. Read the award-winning paper here >>