Got this from Suzi today, a Wired article today about a guy that used botnets to perform stealth install 180 Solutions search and other adware.

In the first U.S. prosecution of its kind, FBI agents arrested a 20-year-old Los Angeles man Thursday on charges that he cracked some 400,000 Windows machines and covertly installed pop-up-generating adware on them, in a scheme that allegedly brought in $60,000 in ill-gotten profits. …

According to prosecutors, in 2004 and early 2005 Ancheta used a customized form of the “rxbot” Trojan horse program to find and take control of large collections of vulnerable PCs, spinning them into “botnets” capable of being directed as one. He then installed ad-delivery programs from two adware firms: Quebec-based Gammacash and LOUDcash, which was purchased by adware giant 180solutions and renamed ZangoCash earlier this year.

As someone pointed out to me, this particular line from 180 is a bit confusing:

“It was possible for someone to hack the notification-and-consent dialog boxes, which apparently this guy did, and subvert those so it would be installed silently,” says Sundwall.

To my knowledge, there were no notice and consent dialog boxes as he describes back in January.

Article link here via Suzi. (Btw, if you don’t subscribe to Suzi’s blog, do it — it’s outstanding).

Alex Eckelberry