Home > Features > Malicious Monetization • Bookmark   • Newsletters   • Register Search Options


Malicious Monetization

Malicious Monetization

March 13, 2009
Text size: 
Get XBIZ News
XBIZ Research
Will virtual reality boost the paysite market?
Yes, it will soon
Yes, but in a few years
Out of 179 votes. Results based on votes submitted by members of XBIZ.net social network.
Perhaps you can blame the declining economy as the culprit behind the escalating bad behavior being exhibited throughout certain segments of cyberspace, where everything from fraudulent billing to extortion and beyond awaits the unwary surfer with increasing regularity — a situation that sometimes hits too close to home.

For example, a recent XBIZ News story detailed a German federal Office for Information Security (BSI) report of the "growing and persistent array of online threats that continues to outwit even the savviest of users."

"The situation is serious — it is even more catastrophic than we feared," said Hartmut Isselhorst of the BSI. "We are all being attacked. As soon as we go online, we become the target of attacks."

And right they are.

I've been a heavy Internet user and webmaster since 1993, and in that time, I have had one website hacked (damn kids in Amsterdam deleted my site and put a photo of a bong on my homepage …) and had my workstation disabled by KAK, which left me freaked out by it shutting down and displaying a notice that "kagou anti krosoft says not today!"

But that was a long, long time ago, and my security has dramatically improved since then to the point that I don't get too worried about visiting some of the, shall we say, "shadier" online neighborhoods that my work sometimes finds me in.

Until now, that is.

What has me concerned is two recent attacks that hit within a matter of days of each other — events about which I'm still dealing with the fallout.

First up was an infection that left me with a copy of Spyware Protect 2009 on my system, displaying its ominous "Warning! You have spyware on your computer — click here to purchase our tool to remove it!" dialog boxes and Windows system-like behaviors to make it look "official." The folks behind this did a great job of presenting their offer, and the persistent little bugger took quite a bit of effort (and bad language) to remove — being entrenched in my browser, task bar and throughout my system's files.

As part of this attack, a host of other nasty mutants compromised some of my anti-virus and firewall protection in an attempt to "pry the door open" for further attacks, which was a most disheartening experience as I watched my fortress' walls crumbling.

As a side note, for the many people who doubtless bought into this software scam, far from removing the threat, the Spyware Protect 2009 installation would simply heap even more digital atrocities onto the hapless user's computer.

Did I pick something up on an adult site? Maybe, but I visit at least as many mainstream websites, and they often are more attractive to hackers.

Regardless of where the actual attack took place, those initiating these attacks are online extortionists who seek to use fear as a weapon to drive sales. And while I didn't make a purchase, I was scared — scared at the thought of losing all of my data (how current are those backups?) and of the loss of any sensitive information of value to identity thieves or other criminals. What else was my computer doing now — things that I didn't even know about — like launching "zombie" attacks on other computers?

It took a lot of Googling to get things straightened out, plus the use of some new tools such as Malwarebytes' Anti-Malware solution, as well as the loss of a few hours and a lot of stress to overcome this infection, which was far more sophisticated in its attack than the previous KAK virus that I had. Bastards.

And you'd think that I'd learned my lesson and would be more wary, but you'd be wrong — and so it was that two days after cleaning out my system I found myself upgrading an old WordPress installation on my server to the latest version, which has a nifty FTP client to upload and install plugins. But plugins by whom, from where — and how safe are they?

The one I installed that day using said fancy admin panel asked for my FTP username and password — not the first piece of software I've installed to do so. And you might have guessed it, but the next morning, all of the index pages on all of the sites on that server (and their subdirectories) had malicious commie code embedded in them, trying to send my visitors unknowing-like to domains that ended in .ru.

Encoded HTML redirects placed in my <head>s using JavaScript and "eval" commands, plus encrypted scripts injected into the PHP contained in my <body> tags. Had they done it by hand and gone back to check the pages, they could be wreaking havoc on anyone who landed on one of my pages. Sloppy hackers and their automation — stray snippets of their malicious code were left visible on some of my pages, and if not for this glaring red flag, I might not have noticed the attack — at least for some time.

Changing my FTP password stopped them, but once again, hours are lost and sleepless nights spent restoring corrupted pages from backup files and scouring folders for other signs of attack.

While malicious website attacks are nothing new, this apparent increase in the incidence and severity of these attacks doesn't bode well for e-merchants, mainstream or adult, who rely on a customer's trust factor when dealing with virtual entities.

At a time when every sale counts, marketers and others using malicious tools to further their means and bottom lines are a threat to all operators — and a threat that must be confronted and addressed.

For my part, I'm going to beef up security and push ahead.


Sexperts Tout Men’s Wellness Benefits of Pleasure Products

Sex, more and more, is being discussed not only from an erotic standpoint, but also, from a health and wellness standpoint. MensHealth.com, MensJournal.com and many other mainstream websites have been... More »

Male Sex Toys Get Creative With Non-Anatomical Designs

Male toys are becoming more and more popular for both straight and gay men. While the emphasis has long been on women’s toys, today men’s products are a burgeoning market. Channel 1 Releasing... More »

Manufacturers Recreate Lifelike Sex for Male Masturbation

Sex is sex, even when you have it with yourself. Wherever that little love dance goes, sex toys are sure to help guide you on the journey. When it comes to men, the industry appears to have thrown its... More »
Stay informed of the latest industry developments. Get XBIZ newsletters delivered to your inbox. Subscribe today!
Enter email address:

* To manage existing subscriptions click here.

Submit your press release to
multiple news outlets with 1 click.
Subscribe to RSS news feeds or
add free content to your website.
Access XBIZ news and articles
with your mobile device.
Subscribe to XBIZ World magazine, the industry's leading e-commerce trade publication, delivering in-depth coverage of the online, mobile and ancillary digital markets.


Latin America Adult Business Expo

Jul 10 - Jul 12
Cartagena, Colombia

ANME Founders Show

Jul 16 - Jul 18
Los Angeles Marriott Burbank Airport


Aug 03 - Aug 06
Montreal, Quebec

XBIZ Berlin 2017

Sep 11 - Sep 14
Berlin, Germany
Everyday thousands of business professionals browse XBIZ's industry directory for quality products and services. Not listed yet? Your company could be losing potential new business. Submit your company today!
Use XBIZ RSS feeds to stay informed of the latest industry developments or as a content syndication tool for your website!