Would you install malware on your computer if someone paid you to do it?

A team of four researchers found that 22 to 43 percent of their test subjects would download and run an unknown executable file for payments ranging from as low as $0.01 to $1.


The researchers used Amazon's Mechanical Turk to conduct the experiment. Participants were asked to download a program onto their systems and run it for an hour. They did not know what the program actually did. As the amount offered to run the program was increased from $0.01 to $10 over five weeks, the percentage of users who ran the program grew steadily and topped out at 43 percent.

The paper concludes that that "users are generally unopposed to running programs of unknown provenance, so long as their incentives exceed their inconvenience." Which means that instead paying for expensive botnets, hackers could simply pay their targets a few cents to gain access to their systems.


Convenient. [Carnegie Mellon via Engadget]