Wednesday, August 08, 2007

A Cyber Jihadist DoS Tool

I've seen mail bombers courtesy of Chinese hacktivists released during the China/U.S. cyber skirmish, encryption tools released by cyber jihadists, and now we have a fully working multi-threaded HTTP GET flooder for attacking "infidel" sites, as the authors put it. The tool itself and the tutorial pointing to ping flooders circa 1999 aren't disturbing. What's disturbing is the moment when cyber jihadists stop re-inventing the wheel to achieve a better branding effect, and start outsourcing their DDoS needs to groups who are vulnerable to a single weakness only: lack of ethics, and the financial proposition they'll get. The numbers within the screenshot are part of a descriptive tutorial on how to use the tool, which is a part of the cyber jihadists' al-jinan.org DDoS initiative. Basically, once cyber jihadists download E-jihad, the tool periodically "phones home" to obtain the IPs of the sites to be attacked, which are then included in the DoS tool. Here's more info:

"The "Electronic Jihad Program" is part of the long-term vision jihadi Web site Al-jinan.org has to use the Internet as a weapon, something that affects any organization that relies on the Web. Electronic Jihad allows users to target specific IP addresses for attack in order to take any servers running at those IP addresses offline. The application even includes a Windows-like interface that lets users choose from a list of target Web sites provided via the Al-jinan site, select an attack speed (weak, medium, or strong), and then click on the "attack" button."

Moreover, even though al-jinan.org's "Electronic Jihadists Against Infidel Sites" campaign is shut down, the initiative is constantly switching locations, and is currently active at another domain. Compared to al-jinan.org's E-jihad app that was distributing the IPs to be attacked, this campaign only recommends the use of a ping flooder. You can also amuse yourself with this attack technique. The idea is to open 5 IFRAMEs and reload them every 5 seconds; the site under "iframe attack" is islam-in-focus.com. Aspirational initiative, with thankfully lame execution.

A Commercial Click Fraud Tool

India's secret army of "ad clickers" employed on a revenue sharing basis is an already well known threat to the future of online advertising, especially with its cost-effective model of outsourcing click fraud to human clickers. And while the public's attention is always orbiting around the use of botnets to commit click fraud, in the very same way we have malware pretending to be a RAT, and spamming tools pretending to be email verification ones, we also have commercially available web clickers that are in fact click fraud tools. Click, click, click, or click once only to have a web clicker automatically aggregate and verify working proxies in between launching multiple threads against a web site presumably owned by the clicker? And no botnet needed? A commercial click fraud tool called, well, the Web Clicker:

"uses public proxies to load and click those banners. Advertisement systems will recognize every proxy as a single unique user clicking on the banner. Server administrators have to get aware of this heavy security hole, as customers may use this program to earn hundreds of dollars a month! You as a server administrator and software developer have the opportunity now to test your own servers to improve protection and to detect possible cheating schemes. If you need additional information, check the links below or try WebClicker right now! You can take a look at some WebClicker screenshots first if you like."

In previous posts, "Latest Report on Click Fraud" and "AdSense Click Fraud Rates", I pointed out that click fraud has become so evident that:

"Third party companies emerged and started filling the niche by coming up with click fraud analytics software so that Google's major customers, even the small to mid-size business could take advantage of an automated way to analyze click anomalies."

And while Google is publicly admitting that click fraud is a fact and commissioning third-party analysis of its actions to detect and prevent it, such commercially available tools require no botnets, only a minor investment in a service providing proxy servers, and in the software itself. Finally, India's army of "ad-clickers" will achieve fraudulent economies of scale if empowered with such tools. Some issues to keep in mind:

- The tool can be used as a click fraud assessment tool, so that ad networks can verify their susceptibility to such applications, or webmasters the detection rate of their click fraud analyzing solution. The main concern is that the tool is sold on a volume basis, so malicious parties can easily obtain it alongside the ones they're already using

- Each and every security vendor has a huge database of IPs that are malware infected or send spam and phishing emails, and while they're already figuring out ways to commercialize these databases, an ad network could greatly benefit by integrating such data within its system and thinking twice before counting a click from these hosts

- The more the advertiser is aware of the click fraud problem, the higher her requirements and expectations become. If advertising networks based on a CPC model don't build better awareness of their mitigation practices, the entire CPC ad model is at stake
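
The second point above, sketched as an added example that is not part of the original post or of any ad network's code: clicks from IPs listed in a vendor reputation feed are withheld from billing, and a simple burst heuristic catches proxies the feed misses. The feed, the click log, the function names and the thresholds are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed reputation feed (documentation ranges, not real indicators).
REPUTATION_FEED = {"198.51.100.0/24": "open-proxy", "203.0.113.7/32": "spam-source"}

# Constructed click log: (epoch seconds, client IP, ad id, user agent).
CLICKS = [
    (1000, "192.0.2.10", "ad-1", "Mozilla/4.0 (MSIE 6.0)"),
    (1002, "198.51.100.4", "ad-1", "Mozilla/4.0 (MSIE 7.0)"),
    (1003, "198.51.100.9", "ad-1", "Mozilla/4.0 (MSIE 7.0)"),
    (1004, "192.0.2.77", "ad-1", "Mozilla/4.0 (MSIE 7.0)"),   # proxy missing from feed
    (1005, "203.0.113.7", "ad-1", "Mozilla/4.0 (MSIE 7.0)"),
    (1300, "192.0.2.44", "ad-2", "Mozilla/5.0 (Firefox/2.0)"),
    (1900, "192.0.2.10", "ad-2", "Mozilla/4.0 (MSIE 6.0)"),
]

def reputation(ip, networks):
    """Return the feed tag for an IP, or None if the feed does not list it."""
    addr = ipaddress.ip_address(ip)
    return next((tag for net, tag in networks if addr in net), None)

def score_clicks(clicks, feed, window=10, min_ips=3):
    """Split clicks per ad into billable and withheld-for-review."""
    networks = [(ipaddress.ip_network(n), tag) for n, tag in feed.items()]
    # Heuristic: one ad, one user agent, many distinct IPs within `window`
    # seconds looks like a single client rotating through proxies.
    groups = defaultdict(list)
    for ts, ip, ad, ua in clicks:
        groups[(ad, ua)].append((ts, ip))
    burst = set()
    for (ad, _ua), hits in groups.items():
        hits.sort()
        for i, (t0, _) in enumerate(hits):
            span = [h for h in hits[i:] if h[0] - t0 <= window]
            if len({ip for _, ip in span}) >= min_ips:
                burst.update((ts, ip, ad) for ts, ip in span)
    report = defaultdict(lambda: {"billable": 0, "withheld": []})
    for ts, ip, ad, _ua in sorted(clicks):
        tag = reputation(ip, networks)
        if tag:                                  # listed by the vendor feed
            report[ad]["withheld"].append((ip, tag))
        elif (ts, ip, ad) in burst:              # unlisted, but part of a burst
            report[ad]["withheld"].append((ip, "ip-rotation-burst"))
        else:
            report[ad]["billable"] += 1
    return dict(report)

if __name__ == "__main__":
    for ad, result in score_clicks(CLICKS, REPUTATION_FEED).items():
        print(ad, result)
```

Withheld clicks are held for review rather than silently dropped, since reputation feeds go stale and shared NAT addresses can trip the burst rule.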

Here are some tips on DIY click fraud prevention, Yahoo's and Google's comments on the latest report released by Click Forensics, a report on Combating Click Fraud with interesting perspectives on the possible tactics, and a very in-depth analysis of advertising models and how fraudulent publishers benefit from them.

Overall click fraud rate per quarter courtesy of the Click Fraud Network.