The click-fraud botnet earns its creators money through Google’s AdSense for Search program. The botnet’s operators intercept Google, Bing, and Yahoo searches performed by users on their own computers and replace the legitimate results with those generated by their custom search engine. The malware is included in modified installers for well-known programs, such as WinRAR, Connectify, YouTube Downloader, Stardock Start8, and KMSPico. Since mid-September 2014, Redirector.Paco has infected more than 900,000 computers worldwide.”]