Email the Editor    Email a Friend    Print this Page 

The Bahama botnet, a sophisticated network of compromised computers that is wreaking click-fraud havoc among advertisers, is also snatching away Web traffic and revenue right from under the nose of mighty Google, Click Forensics said Thursday.

As part of its design, the Bahama botnet not only turns ordinary, legitimate PCs into click-fraud perpetrators that dilute the effectiveness of ad campaigns.

It also modifies the way these PCs locate certain Web sites through a malicious practice called DNS poisoning.

In the case of Google.com, compromised machines take their users to a fake page hosted in Canada that looks just like the real Google page and even returns results for queries entered into its search box.

It's not clear where the Canadian server gets these results. What is evident is that the results aren't "organic" direct links to their destinations but are instead masked cost-per-click (CPC) ads that get routed through other ad networks or parked domains, some of which are in on the scam and some of which aren't.

Sometimes the click takes the user to the advertiser's Web site and sometimes it takes him elsewhere, Matt Graham, a Click Forensics risk analyst, said in an interview.

"Regardless, CPC fees are generated, advertisers pay, and click fraud has occurred," Click Forensics reported on Thursday in a blog posting.

As a result, a user who intended to run a legitimate search on Google ends up unknowingly involved in a click-fraud scam in which Google also loses Web traffic and ad revenue. Google isn't the only provider of CPC ads being affected.

share: