From the Register…
Selling “installs” is a common practice in the cyber-underworld, the most notable example being in 2005 when Jeanson Ancheta was arrested for building a 400,000-strong botnet and installing adware from 180 solutions for a fee of $60,000. Cybercriminals have since moved on to installing spyware onto compromised machines.
Zombie machines infected with Trojan horse malware can be used to relay spam or launch denial of service attacks. Compromised machines can be also be pointed to websites from which additional items of malware can be downloaded. The practice is normally used to update Trojan code, but it also creates a means for cybercrooks to make a “nice little earner”.
The income that can be earned grows with the numbers of installs, and varies based on the geographical location of an installation. For example, installing spyware on 1,000 machines in Australia earns $100 but only $50 in the US, and a measly $3 in Asia. A sample price list obtained by net security services firm sheds fresh light on the phenomenon.
MeesageLabs culled its figures from a malware distribution site in Russia, the existence of which we’ve verified. The site is loaded with malware and for that reason we’ll refer to it by a shortened version of its name, installscash.org.