1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Caught my PC up to no good behind my back. But wheres the money in it?

Discussion in 'BlackHat Lounge' started by tb303, Oct 28, 2016.

  1. tb303

    tb303 Power Member

    Joined:
    Dec 18, 2011
    Messages:
    773
    Likes Received:
    448
    I was looking at network requests going on in the background yesterday and noticed some odd traffic with nothing open on the PC...
    [​IMG]

    So in the background it was searching on hotel/flights sites. No idea where this came from all I know its in the last few days. No warning on AV, pc up to date blah blah blah, presuming its a drive by infection.

    I cleaned it up and tried to reproduce it by going through browser history but nothing doing so fuck knows (I did even get suspicious of that @Ste Fishkin cookie thread for a few mins lol). Thats not my question though.

    Basically wheres the money in this? someones using malware to search on sites for flight bookings.

    Selling fake traffic maybe? but whats the point it would be a short lived scam as nothing will convert.

    Also I think they fucked up too as you see it visits the root of some sites first so its maybe getting a cookie to look more legit - but then every request to every site that i checked was an Apple Mac user agent - so surely obvious fake traffic to the buyer.

    Can you think of any other reason to do this? Maybe its clicking adsense but i doubt that as it would be banned fast. I dunno, seems to be a waste of what I presume is a botnet to me.