Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Cyber criminals have opened an online store offering website operators increased traffic by hijacking other websites.
The Russia-based web shop injects hidden iframes into pages of legitimate, unsuspecting websites to redirect visitors to a buyer's URL.
Integrated frames (iframes) split pages into parts that can be used to embed elements such as advertising or windows from a single website or redirect to other sites. When an iframe's height and width is set to zero, it becomes invisible to users.
Customers can purchase 1000 visitors throgh the new online store from any nominated country for an average of $US4 ($A3.75).
Regional traffic prices purchased under "countries packs" vary; 1000 Dutch visitors cost $US18 ($A16.90), while the same number of hijacked web users from Australia can be purchased for $US8 ($A7.50).
The shop also offers to purchase redirected traffic from others. Sellers can inject their own iframes into websites and funnel the traffic through the shop where it is purchased by customers.
Its operator boasted on an underground cybercrime forum that allowed customers to use the service for any purpose without being monitored.
In a translated post, they said "our servers do not record your IP … no one will ban your accounts and we do not care what you are promoting".
The shop can adjust prices automatically based on supply and demand, the operator said.
Though initally created for personal use, the operator said “after talking with colleagues who would also like to use this system, I decided, 'why not?'".
The website is listed under Indian domain registrar Directi.
Another search engine optimisation website offered to redirect its own visitors to customer sites as part of a premium package.
It also offered a lower price package to host customer sites on its page using iframes, which would not redirect customers.
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.