Cyber crooks have worked out one of the most sophisticated click fraud malware applications to date. The Trojan code - dubbed FFsearcher by security firm SecureWorks - plugs into a Google API that allows webmasters to add a Google-powered search widget (called "Google Custom Search") to their website. In normal use, search results made via the widget are displayed alongside Google AdSense ads, with webmasters receiving a small fee every time a surfer follows an ad.
Thus, the malware hijacks this feature so that every click on an ad is user-generated, and the user never notices any change in their web-surfing experience. Hackers have also worked out a means to pull off this trick without giving any indication to surfers that anything might be amiss. Google might find it hard to unravel instances of fraud.
The previous click fraud approaches relied on tricks such as changing a surfer`s start page and searches to point to a third-party search engine, types of behavior that might more easily be detected. FFsearcher works on both IE and Firefox.