Share This

Wednesday, February 3, 2010

Get Paid to Install Malware

Get Paid to Install Malware

Botnets are using affiliate programs to infect PCs.
By Erica Naone
Sites like Amazon offer affiliate programs that pay users for sending them new customers. And now, malware authors, always quick to adopt tactics that work elsewhere, have developed their own affiliate program, which was described in a talk given today at the Black Hat DC computer security conference in Washington, DC.

Kevin Stevens, an analyst at Atlanta-based security consulting company SecureWorks, says sites with names like "Earnings4U" offer to pay users for each file they can install on someone else's PC; the practice is called "pay per install." Stevens found sites offering rates ranging from $180 per 1,000 installs on PCs based in the U.S. to $6 per 1,000 installs on PCs based in Asian countries.

As he researched the practice, Stevens says he discovered a number of companies engaged in pay per install. These companies periodically change their names to dodge the authorities. He also found forums where users shared tips for making more money, and a variety of sophisticated tools developed to make it easier for them to install malware. "It's almost like a real, legitimate business," he said.

People who sign up for the affiliate programs often download "malware cocktails" that they then try to distribute as widely as possible. One common technique is to combine the malware with a video and offer it for download on a peer-to-peer file sharing site. Another is to host the malware somewhere on the Web, and use search engine optimization techniques to attract traffic to it.

Stevens outlined several types of software that a malware affiliate can use. "Crypters," for example, are programs that mask malware from antivirus programs. One popular crypter costs about $75 initially, and then $25 to buy fresh pieces of code that keep the malware masked once antivirus programs have begun to recognize the original. Stevens estimates that it's possible to get by for two to three weeks on each such update.

For about $225, a malware affiliate can multiply his earnings by obtaining a Trojan download manager. This program allows him to pump multiple malware cocktails into each infected PC, getting paid for each one on each compromised computer. One Trojan download manager comes with add-ons that allow a user to harvest e-mail addresses from an infected system, which could then be used to send spam or phishing messages.

Stevens estimates that some of the larger companies offering pay-per-install programs are responsible for about 2.8 million malware installs each month.

Tuesday, February 2, 2010

Engineering the Computer of the Future, One Atom at a Time

Engineering the Computer of the Future, One Atom at a Time

By Charles Q. Choi, TechNewsDaily Contributor, posted: 01 February 2010 06:19 pm ET

 
Using computers based on the mind-boggling physics of the quantum world, researchers now hope to simulate reality on the molecular scale better than ever before.

Scientists want to simulate molecules on computers to better understand and improve how they might react – for instance, how a drug might behave in the human body. But attempts to simulate complex molecules using modern supercomputers fall short because increasing the number of atoms they have to analyze leads to an exponential spike in computation time.

"If you simulate anything larger than four or five atoms – for example, a chemical reaction, or even a moderately complex molecule – it becomes an intractable problem very quickly," said researcher James Whitfield, a quantum information chemist at Harvard University. At best, he explained, regular computers only can get a rough approximation of how these systems work.

Quantum computers
 
That is why scientists are now turning to quantum computers, which rely on the bizarre properties of atoms and the other construction blocks of the universe. The world becomes a fuzzy, surreal place at its very smallest levels – things can seemingly exist in two places at once or spin in opposite directions at the same time.

While normal computers represent data as ones and zeroes – binary digits known as bits that they express by flicking tiny switch-like transistors either on or off – quantum computers use quantum bits, or qubits (pronouced "cue-bits") that are both on and off at the same time. This enables them to carry out two calculations simultaneously. In theory, quantum computers could prove incredibly faster than regular calculators for certain problems because they can run through every possible combination at once.
The particles and molecules that scientists want to investigate are quantum objects.

"If it is computationally too complex to simulate a quantum system using a classical computer, why not simulate quantum systems with another quantum system?" said researcher Alán Aspuru-Guzik, a quantum information chemist at Harvard.

Calculating with light
 
The quantum computer the researchers conducted their molecular simulations with relied on photons, or packets of light, as its qubits. While Aspuru-Guzik, Whitfield and their colleagues provided the software and performed key calculations, their collaborators in Australia assembled the hardware and ran the experiments.

Using this two-qubit computer, they simulated the smallest molecular system, the hydrogen molecule, and calculated its energy in terms of how it might react with other molecules. They ran their simulation process 20 times in a row, with each cycle working off the data from the last one, to achieve very precise values. "That's enough precision to simulate experiments with," Aspuru-Guzik told TechNewsDaily.

The great challenge that lies ahead is creating quantum computers with more qubits, which are needed to simulate molecules with more atoms. Although a 2,000-qubit computer would be roughly enough to, say, simulate cholesterol binding with a protein, the most qubits anyone has uncontestably made a quantum computer with so far is roughly a dozen, Aspuru-Guzik said.


"We are now working to make larger experiments to continue our successes with larger and larger systems," said he said.

The research was detailed online in a recent issue of the journal Nature Chemistry.

Facebook plans PHP changes

Facebook plans PHP changes

Hardware saver?

On Tuesday, Facebook is expected to unveil changes to PHP, the language that helped make the social networking site a success - along with millions of other web sites.

SD Times has outed the planned change here. Facebook wouldn't provide details when contacted by The Reg but said it would make more details available Tuesday morning, Pacific time.

The changes have been described as either a re-write of the PHP runtime or a compiler for PHP.

A change to PHP would be Facebook's latest donation to the language, which has also had contributions from Microsoft and the former Sun Microsystems over the years.

PHP co-founder Andi Gutmans, said his company Zend Technologies was aware Facebook's been planning a change and told The Reg he thinks it will be "significant." But he wouldn't elaborate further.

"We have to see what come out," Gutmans said. "Generally speaking...I think there's been some good innovation at Facebook. I imagine some of it could help community PHP."

When it comes to run-times, there have been projects such as Caucho's Quercus - a Java implementation of the PHP language - and the Project Zero PHP runtime that have generally failed to get-traction. Gutmans said this was because open-source PHP has remained the industry's de-facto standard.

He's also not overly worried that what Facebook unveiled could lead to a fork of PHP, noting the community is not as political - for example - as the former Sun's MySQL community. He expects what ever Facebook announces to be under a community friendly license and said if it is innovative then he'd be happy to see it find its way into PHP.

He said developers would continue to get their PHP source from the community.

Gutmans noted Facebook might be introducing changes because of the scale of its operations and that changes in the language might help it cut the number of servers it needs.

"We've got to remember Facebook is a very different user - a very atypical user compared to the majority of users. The performance requirements at the scale they run is very different from even heavily loaded web sites that have tens or hundreds of servers. Saving 10 per cent can be thousands of servers," he said. ®