Web advertisers got a nasty surprise this week after the discovery of the “Chameleon” botnet, a network of thousands of computers stealing millions of dollars through fake adverts. To-date, researchers have found over 120,000 home PCs infected with Chameleon, and they estimate the bot costs advertisers a whopping $6 million per month.
That sounds like a big deal! But…what is a botnet?
The word botnet is actually a combination of two words, robot and network, which can give you a clue about how these programs function. A “bot” is simply a program that automates tasks on a computer, which may or may not be malicious. On the one side, a malicious bot can be used to automatically send spam or viruses. On the other, automatic chat systems like Cleverbot are also examples of “bots,” but they pose no threat to your PC.
What differentiates a single bot from a botnet is that a botnet can include hundreds or even thousands of machines. This entire network of infected PCs can then be controlled remotely by a cybercriminal who uses them to gather passwords, capture financial information, send spam, and more. In other words, when your computer is infected with a malicious bot, it is turned into a computer zombie, enslaved and forced to do the bidding of a criminal.
The case of the Chameleon botnet
In this particular incident, Chameleon was used to target online advertisers. The ads you see on many websites represent virtual space purchased by companies—similar to putting up a billboard or paying for a classified listing. The difference is that online, advertisers pay for either ad views or clicks.
Chameleon makes money for cybercriminals by using its network of zombie PCs to simulate these views and clicks on web ads. Because advertising software cannot differentiate between a legitimate and automated computer interaction, Chameleon can siphon off up to $6 million every month. In total, Chameleon has been responsible for as many as 9 billion of these fake interactions, and it has targeted ads on over 200 different websites.
How to avoid becoming a bot
Unfortunately, botnets and other malicious software aren’t just a threat to the companies that buy online ad space. They often cause unexpected computer crashes or other issues, and they can slow down an infected PC. You can take action to protect yourself from this type of threat by keeping anti-virus software like McAfee All Access up to date, regularly scanning your devices for threats, and by downloading files only from trusted sources.
Learn more about how these “robot” or “zombie” computer networks are created in the infographic below, and be sure to join the conversation on Facebook and on Twitter with @McAfeeConsumer.