US-based machines preferred by malicious pay-per-install networks
Pay-per-install affiliate networks looking for compromised computers to get their malicious wares installed on have a definitive predilection for machines located in developed countries.
Those located in the US are favorite targets, and one lately very visible affiliate network is ready to pay a $100 for installing their malware on a thousand of them. The same number of infected machines located in Australia, Great Britain, Canada and Germany are worth $75.
For those located in the rest of the European Union the criminal can get $50, while those in countries such as Russia, Armenia, Estonia, Gibraltar and a slew of others are worth only $10.
Judging by this particular preference, it is almost certain that the malware in question is some type of banking or password-stealing Trojan.
“What’s particularly interesting about this affiliate network is that it’s invite only, namely only selected members of the cybercrime ecosystem will get access to the administration panel, and consequently to the latest version of the malicious executable that they have to spread in order to earn revenue from the service,” Dancho Danchev points out.
Also interesting is the fact that the administrator of the affiliate network is open to other forms of earning, as the currently empty ad space on the control panel seems to imply.