InformationWeek > Malicious Code > From Russia With Malware > May 30, 2005.
IframeDollars.biz says it pays Webmasters to place a one-line exploit
on their sites. The code exploits a number of patched Windows and
Internet Explorer vulnerabilities, including some that go back as far
as 2002. Systems that haven't been updated would be vulnerable to the
exploit. According to analysis done by the SANS Institute's Internet
Storm Center, the exploit drops at least nine pieces of malicious
code–including back doors, other Trojans, spyware, and adware–on any
PC whose user surfs to a site that hosts the exploit code.
IframeDollars
says it pays $61 per thousand unique installations, or 6.1 cents per
compromised machine, to any site that signs up as an affiliate.
“It's
very clever,” says Richard Stiennon, the director of threat research at
anti-spyware software vendor Webroot Software Inc. “And very brazen.
This is new in that they're taking an existing business model–an
affiliate-style program–to exploit a [Windows] vulnerability to plant
their code.” [Privacy Digest: Privacy News (Civil Rights, Encryption, Free Speech, Cryptography)]