Google Dissects a Clickbot, And Discusses The Cost Of Click Fraud - InformationWeek
IoT
IoT
Software // Enterprise Applications
News
4/11/2007
08:03 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Google Dissects a Clickbot, And Discusses The Cost Of Click Fraud

The Clickbot.A botnet described in the paper consisted of 100,000 machines when analyzed in June 2006, and Google's potential click fraud cost was put at approximately $50,000.

Over the past year, Google has been reaching out to the media and the public to allay fears that click fraud represents a serious threat to its business. Its executives have repeatedly said the problem is under control and not significant for Google. Its engineers have released internal statistics, previously withheld, in support of that contention and published blog posts attacking the statistics and credibility of click fraud auditing companies. They have also added click fraud reporting tools to Google's AdWords advertising service.

Google on Tuesday published "The Anatomy of Clickbot.A," an analysis of malicious software used to commit click fraud. Despite Google CEO Eric Schmidt's past insistence that click fraud is "immaterial," the paper argues that more needs to be done to protect search engines and computers in general against botnet attacks.

"We believe that it is important to disclose the details of how such botnets work to help the security community, in general, build better defenses," the paper states, adding that Google identified and invalidated all the clicks originating from the Clickbot.A botnet in question.

The particular Clickbot.A botnet described in the paper consisted of 100,000 machines when analyzed in June 2006. The Clickbot.A software was designed to conduct "a low-noise click fraud attack against syndicated search engines." The authors of the paper, Neil Daswani and Michael Stoppelman, put Google's potential click fraud cost at approximately $50,000.

A Google spokesperson was not immediately available to clarify whether this potential cost might be incurred daily, weekly, monthly, or otherwise. But even if that's a possible daily loss, costing some $18 million annually, it's hardly a significant figure for a company with Google's revenue.

"It's unclear as to whether or not botnet-based click fraud is as profitable as keylogging and other applications of botnets," the paper states. "Having a botnet log all keystrokes, including passwords used to login to online banking sites, may allow a bot operator to obtain some average dollar profit per compromised machine. On the other hand, the bot operator could attempt to make that amount of profit by having a bot simply click on ads."

But even if click fraud is less profitable than electronic bank robbery, it probably carries a much lower risk of investigation and imprisonment.

The paper concludes that search engines need to investigate botnets, that ISPs need to better protect Web hosting customers, and that malware detection rates need to be improved. It calls for Web businesses to encourage customers to use anti-virus software and for security researchers and corporate IT department to share more security-related data. And with the publication of this paper, Google appears to be leading by example.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
Why Your Company's AI Strategy May Not Be Its Own
Lisa Morgan, Freelance Writer,  3/18/2019
Commentary
Q&A: Deloitte's Lisa Noon on Inclusivity and Cloud Evolution
Joao-Pierre S. Ruth, Senior Writer,  3/15/2019
Commentary
Empowering Women in the Workplace 365 Days a Year
Guest Commentary, Guest Commentary,  3/19/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Security and Privacy vs. Innovation: The Great Balancing Act
This InformationWeek IT Trend Report will help you better understand and address the growing challenge of balancing the need for innovation with the real-world threats and regulations.
Slideshows
Flash Poll