Today, Symantec along with Microsoft announced the joint takedown of the command and control servers used by a threat called Trojan.Bamital. This malware was used to carry out extensive click fraud activities that netted the criminals behind it a conservative estimate of $1.1 million U.S. dollars annually.
Click fraud is a major component of the online criminal underworld. It works by redirecting end users to ads and other content they didn’t intend to visit. It also generated non-human initiated traffic on ads and websites with the intention of getting paid by ad-networks.Bamital was also responsible for redirecting infected users to websites peddling malware under the guise of legitimate software.
The Bamital takedown sends a message that click fraud operations are being taken seriously and can be stopped.
Symantec’s role in the takedown was to provide the technical analysis of the malware and the related command and control structure.