Turns out, cybercriminals can bring home some decent money, after all–at least until someone catches on and shuts down their latest revenue stream. After some reverse-engineering, the sleuths at Symantec have puzzled out the motivation behind the Mac Flashback botnet: Stealing Google’s ad revenue. Because, as a clever man once said, that’s where the money is.
Here’s how it works: when an infected user conducts a Google search, Google will return its normal search results. Flashback waits for someone to click on an ad, and once this happens the user is silently directed to another, irrelievant ad that generates revenue for the attackers.
Symantec concludes, “This ultimately results in lost revenue for Google and untold sums of money for the Flashback gang.” How much money? At the height of the infection, ballpark $10,000. Per day.
Though we can’t imagine that’s hurting the GOOG’s bottom line too much.