Anatomy of an install

It seems that, some time after the inital "outing" of the Java applet install, serious researchers are now investigating key elements of the whole process, and wouldn't you know it if the excellent Wayne Porter has posted a fantastic investigation into the site of the moment, Spazbox.net (as detailed by Suzi of Spywarewarrior.com). I predicted the applet install would spread, and spread it has - since the initial discovery on Lyricspy.com, I've seen it on everything from porn sites to crack domains. However, Spazbox is interesting because of a number of factors regarding search engine rankings and exactly who is providing the install code.

Wayne's analysis is extremely thorough and if you like the look of this:

While this domain appears isolated with virtually no links in from any significant search engine, and no page saturation in any search engine it is paradoxical to the Alexa data that shows transient, yet significant traffic spikes throughout the year. In short where are the visitors coming from if they are not coming from the Web? Could traffic be originating from. IRC, SPIM, Word of Mouth, or another source unknown?

Then visit this link for more information.

I think I might have to dig out my trusty testbox again...