Chameleon botnet
The Chameleon botnet is a botnet that was discovered on February 28, 2013 by the security research firm, spider.io. It involved the infection of more than 120,000 computers and generated, on average, 6 million US dollars per month from advertising traffic. This traffic was generated on infected systems and looked to advertising parties as regular end users which browsed the Web, because of which it was seen as legitimate web traffic. The affected computers were all Windows PCs with the majority being private PCs (residential systems).[1][2][3]
To make the actions of the software look more like legitimate human behavior, it made the mouse of the infected systems move around pages in browsers and rebooted the system once the sessions crashed.[2]
Also, it was sophisticated in that both Adobe Flash and JavaScript scripts were executed on infected systems.
There were at least 202 websites that were targeted by the botnet from which more than 9 billion advertisements were served to it.[4]
As a side effect of the web traffic generated by the botnet, infected systems likely suffered from general operating lag and a slow network connectivity as well. These symptoms were indicators that a PC had possibly been infected. With malware removal software like ClamWin and Exterminate It!, the infection could be removed from an infected system. It was also possible to deactivate the malware by changing the registry of an infected windows PC manually.[5][6]
References
- "'Chameleon Botnet' takes $6-million-a-month in ad money".
- Kumparak, Greg. "New "Chameleon" Botnet Could Be Costing Advertisers Up To $6 Million A Month".
- "Fake ad botnet 'stealing millions'". 20 March 2013 – via www.bbc.com.
- "spider.io — Discovered: Botnet Costing Display Advertisers over Six Million Dollars per Month". www.spider.io.
- "Chameleon Removal Tool. Remove Chameleon Now". www.exterminate-it.com.
- Geater, Jay. "How To Remove Chameleon (Instructions)". www.solvusoft.com.