The Register reports that The SANS Institute has uncovered evidence that networks of compromised PCs are being used to click on banner ads, generating revenue for unscrupulous publishers.
Pay-per-click schemes such as Google Adsense have programs to detect fraudulent clicks and suspend publishers implicated in click fraud. In an effort to disguise fraudulent visits, some publishers have begun hiring botnets to avoid the risk of fraud detection programs.
This use of bot-networks was revealed when security experts at SANS’ Internet Storm Centre investigated malicious software on a hacker's website. Control panels on the site, designed to facilitate the control of compromised machines infected with malware, were left open. This allowed security experts to analyse the actions of the botnet operator behind the site.
The institute has reported the site and its findings to Google