Anonymous – thank you for the post. I had actually not seen the report by Kevin Stevens before creating my segment, although it is an excellent source of information on “pay-per-install” (PPI) - a growing problem for law enforcement.
In researching topics for consumers, I focus on issues and resources that non-tech readers need to be aware of and in terms they can relate to. I pull from my work experience as a CIO while also checking a few sources on and off the web. Some of the sources I used for the Botnet Herder story were on Wikipedia and a few other websites:
www.earning4u.com (good information, but I recommend blocking this site from your browser!)
http://www.endlesscorner.com/pay-per-install-basics-making-money-online-the-dirty-way (good commentary, some of which questioned whether this practice is illegal).
I also talked to a few university officials and professors and former law enforcement to get their views on this ongoing issue.
With that said, I would like to give a shout out to Kevin Stevens and his company SecureWorks at www.SecureWorks.com . For the technically minded, you can find his paper on PPI at http://blackhat.com/presentations/bh-dc-10/Stevens_Kevin/BlackHat-DC-2010-Stevens-Underground-wp.pdf. It was presented at the Black Hat conference, a technical conference that brings together thought leaders in the security world. Impressive work and I am now following Kevin on Twitter.