Not so long ago, script kiddies would happily give away their leet haxing tools to all and sundry – the only cost was using up some bandwidth to grab them, though of course sometimes their programs came with something a little extra and the cost would rise dramatically for the unfortunate “victim”.
These days it’s a growing trend to see people attempting to make money from their downloads in a very specific way that infuriates both researcher and script kiddie alike. Here’s a typical Youtube video advertising some sort of hack related shenanigan.
Notice it has two different download links, because they want to make as much money as possible. If you visit the links, you’ll see lots of pages that look like this:
“Regular download” means you’ll have to fill in a survey to access the download link:
Every time you fill one in, the uploader makes some money. More often than not, files uploaded to pay-to-access sites are worthless, or don’t perform as advertised. This is bad for security researchers, who don’t particularly want to generate income for the uploader to get their hands on the file. It’s also bad for random web users who have no real way of knowing what they’re going to end up with before signing their life away to adverts, spam and marketing databases.
With that in mind, I was rather amused to see someone advertising a program designed to get around pay-to-download services such as Sharecash:
Download the program, run it and you’ll be working your way around all of those surveys in no time. It’s a hacking / cracking tool buffet and everyone is invited!
It sounds good. However, clicking the link on the video takes you to the homepage (which has been around since 2009):
What do you think happens when you hit the Download button?
You couldn’t make it up.
Christopher Boyd