Iframe shop spins hijacked traffic

Powered by SC Magazine
 

Buy, not build, site traffic.

Cyber criminals have opened an online store offering website operators increased traffic by hijacking other websites.

The Russia-based web shop injects hidden iframes into pages of legitimate, unsuspecting websites to redirect visitors to a buyer's URL.

Integrated frames (iframes) split pages into parts that can be used to embed elements such as advertising or windows from a single website or redirect to other sites. When an iframe's height and width is set to zero, it becomes invisible to users.

Customers can purchase 1000 visitors throgh the new online store from any nominated country for an average of $US4 ($A3.75).

Regional traffic prices purchased under "countries packs" vary; 1000 Dutch visitors cost $US18 ($A16.90), while the same number of hijacked web users from Australia can be purchased for $US8 ($A7.50).

The shop also offers to purchase redirected traffic from others. Sellers can inject their own iframes into websites and funnel the traffic through the shop where it is purchased by customers.

Its operator boasted on an underground cybercrime forum that allowed customers to use the service for any purpose without being monitored.

In a translated post, they said "our servers do not record your IP … no one will ban your accounts and we do not care what you are promoting".

The shop can adjust prices automatically based on supply and demand, the operator said.

Though initally created for personal use, the operator said “after talking with colleagues who would also like to use this system, I decided, 'why not?'".

The website is listed under Indian domain registrar Directi.

Another search engine optimisation website offered to redirect its own visitors to customer sites as part of a premium package.

It also offered a lower price package to host customer sites on its page using iframes, which would not redirect customers.

Copyright © SC Magazine, Australia


Iframe shop spins hijacked traffic
Tags
 
 
 
Top Stories
How hard do you hack back?
[Blog post] Taking the offensive could have unintended consequences.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
The big winners from Defence’s back-office IT refresh
Updated: The full list of subcontractors.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1015

Vote