Posts tagged as:

Spyware

CDT:US failing to prosecute Cyber criminals

by certifiedbug on August 14, 2008

in Security

State AGs Fail to Adequately Protect Online Consumers
New report from the Center for American Progress and Center for Democracy and Technology finds that state attorneys general receive thousands of complaints of online fraud and abuse but have launched relatively few cases in responseWashington, D.C. — State attorneys general received thousands of consumer complaints of online fraud and abuse in 2006 and 2007 and yet, with the exception of several notable standouts, brought few significant cases in response, according to a report released today from the Center for American Progress and the Center for Democracy and Technology, Online Consumers at Risk and the Role of State Attorneys General.

Most states supplied the authors with a top 10 list ranking consumer complaint categories (Internet-related and other). In 2007, 24 out of 30 states that provided rankings reported an Internet-related category within their top 10. Eight states ranked Internet-related complaints among their top three most common consumer complaints, including four states that ranked Internet-related complaints at the top of the list.

For 2007 and 2006, 20 states provided the number of consumer complaints associated with each category—the others merely provided rankings without giving the number of complaints. In both years, these states reported roughly 20,000 Internet-related complaints.

The Federal Trade Commission also provides data for all 50 states on consumer complaints related to Internet fraud. These data are compiled from a variety of sources, including 13 state attorneys general. In 2007, the FTC reported 221,226 Internet-related fraud complaints, up almost 16,000 from 2006 and more than 24,000 in 2005.

“These numbers are startling, but they may even understate the problem,” said Reece Rushing, director of regulatory and information policy at the Center for American Progress. “Consumers are often unaware, and thus may not report, when they are victimized by online threats such as spyware or phishing. We must take action against these threats to protect consumers and preserve confidence in Internet commerce.”

As described in the report, several attorneys general, in particular those in New York and Washington state, brought important cases on behalf of online consumers. New York Attorney General Andrew Cuomo, for example, recently announced groundbreaking settlements with Priceline, Travelocity, and Cingular, which advertised using Direct Revenue, a company that surreptitiously installed adware on consumers’ computers. In Washington, meanwhile, Attorney General Rob McKenna reached a recent settlement with the operators of several websites that lured more than 13,000 Washington consumers to divulge personal information that was then sold to third parties.

Despite these successes, however, most attorneys general have not given high priority to online fraud and abuse.

Center for Democracy and Technology:  Press release

{ 0 comments }

Beware Google Search email alerts on Blogger

by certifiedbug on February 4, 2008

in Rogue

I saw this article over at NetWorkWorld dated 01/31/08. Google blog used to spread malware

A Google-hosted blog is running phony security content that’s linked to malware, as well as using Google’s automated notification service to try to entice subscribers to click on an infected link, says one security expert.

“This is the first time we’ve seen something like this,” Elzam says. “If you get a message from a Google alert, you might think this is a service you can trust. But it’s directing you to a rogue site with fake security software.

This stuff is not new, but it is getting worse. A few days ago one of my alerts for Google Blogs provided a link which opened to a graphic pOrn page complete with videos, ‘click this to play’. Shortcut to infection via codecs, don’t ever click that junk.

I was watching for blogs containing the word of an outfit not usually associated with pOrn.

Fellow MVP TeMerc has been tracking Malware dispensing Google Blogs for some time:
More Blogspot Malware
Google Blogger Blogs Carry WinAntiVirus Ads

{ 0 comments }

Snips: ASK and Spyware today

by certifiedbug on February 2, 2008

in Security

I have been a bit busy, bashing Malware and all that.

Couple of interesting items.

EPIC complaint (PDF) filed January 19, 2008 with the FTC against ASK regarding their product ‘AskEraser.’

The Anti-Spyware Coalition (ASC) meeting held in Washington DC has convened. Many well known anti-spyware experts attended, including a fellow forum friend of mine. Go CJ.

Please see:
Spyware: What’s Worked, What’s Left, and What’s Coming.

{ 0 comments }

Spybot-S&D version 1.5.2 released

by certifiedbug on January 30, 2008

in Programs, Security

Anti-spyware program by Patrick Kolla and Team Spybot.

Spybot-S&D 1.5 has quite a lot of advantages over version 1.4: improved compatibility, more effective detections and new functions. Between all the positive feedback we received, there were also some things that needed to be improved: the immunization sometimes needed to be applied twice before sticking, many users wanted the file shredder back, and it was impossible to remove entries from the user blacklist in the Internet Explorer plugin. But first of all, we apologize for the long starting time of Spybot-S&D 1.5.1 to all users. This item has been fixed now in this new version 1.5.2.

We are convinced that you will work with the best Spybot ever: Spybot-S&D 1.5.2 has all advantages, but no handicaps over all previous versions!

Throughout the next days our partners and ourselves will provide you with version 1.5.2. This version will also be available through the integrated update within the next days.

Spybot-S&D Home Page

{ 2 comments }

Sears Violation of Its Privacy Policy

by certifiedbug on January 5, 2008

in Security

Bits from Bill: Your Sears Purchase Details Available to World

Ben Edelman update January 4, 2008.

Sears Exposes Customer Purchase History in Violation of Its Privacy Policy.

Sears’s Response

I wrote to Sears ManageMyHome via the addresses on their Contact Us page. To their credit, they responded quickly (less than ninety minutes). However, their reply does not address the seriousness of this situation. Their reply follows:

“We appreciate that you have a security concern. Thank you for taking the time to share your comments with us. We appreciate hearing feedback from our customers, and will pass this information to the appropriate area to research.”

Update (January 4, 5pm): Sears has disabled the search feature described above. Attempts to retrieve a purchase history now yield the message “We’re sorry, this feature is currently disabled.”

Let’s hope it stays that way else all Sears customers join in filing a class action suit.

{ 0 comments }

Sears installs ComScore tracking software

by certifiedbug on December 31, 2007

in Security

Ben Edelman, anti-spyware researcher and Harvard Business School Assistant Professor.

Late last month, Benjamin Googins (a senior researcher in the Anti-Spyware unit at Computer Associates) critiqued a ComScore installation performed by Sears’ “Sears Holdings Community” (”My SHC Community” or “SHC”). After reviewing the installation sequence, Ben concluded that the installation offered “very little mention of software or tracking” and otherwise fell short of CA and industry standards. I agree.

I write today to add my own critique. I begin by presenting the entire installation sequence in screenshots and video. I then explain why the limited notice provided falls far short of the standards the FTC has established. Finally, I show that Sears’ claims of adequate notice are demonstrably false.

Article and video: The Sears “Community” Installation of ComScore

{ 0 comments }

MalwareCrush Rogue antispyware program

by certifiedbug on December 28, 2007

in Rogue

Yet another fake to be aware of.

MalwareCrush is a rogue anti-spyware program that uses aggressive advertising and is installed onto your computer through the use of Trojans and other malware. This software is typically installed on your computer when you download programs masquerading as a video codecs required to view a video on a web page. In reality, though, when you install these Trojans, they will instead show fake security alerts in your Windows taskbar and install MalwareCrush onto your computer without your consent.

Once MalwareCrush is installed, it will automatically start and scan your computer. When the scan is finished it will have found the malware that actually installed it in the first place, but will require you to purchase the software before you can attempt to remove it. This is obviously a scam and you should not purchase the software under any circumstances.

How to remove MalwareCrush (Removal Instructions).
http://www.bleepingcomputer.com/forums/topic123050.html

{ 0 comments }

Mac Trojan

by certifiedbug on October 31, 2007

in Security

Mac users who practice unsafe hex will find more than they bargained for.

From Intego:

Exploit: OSX.RSPlug.A Trojan Horse
Discovered: October 30, 2007
Risk: Critical

OSX.RSPlug.A Trojan Horse Changes Local DNS Settings to
Redirect to Malicious DNS Servers

Description: A malicious Trojan Horse has been found on several pornography web sites, claiming to install a video codec necessary to view free pornographic videos on Macs. A great deal of spam has been posted to many Mac forums, in an attempt to lead users to these sites. When the users arrive on one of the web sites, they see still photos from reputed porn videos, and if they click on the stills, thinking they can view the videos, they arrive on a web page that says the following:

Quicktime Player is unable to play movie file.

Please click here to download new version of codec.
After the page loads, a disk image (.dmg) file automatically downloads to the user’s Mac. If the user has checked Open “Safe” Files After Downloading in Safari’s General preferences (or similar settings in other browsers), the disk image will mount, and the installer package it contains will launch Installer. If not, and the user wishes to install this codec, they double-click the disk image to mount it, then double-click the package file, named install.pkg.

If the user then proceeds with installation, the Trojan horse installs; installation requires an administrator’s password, which grants the Trojan horse full root privileges. No video codec is installed, and if the user returns to the web site, they will simply come to the same page and receive a new download.

Intego Press Release

Sunbelt Blog: Screenshot
Commentary: Mac trojan overhype? You tell me.

Well, we knew it was coming, Apple users may get hit hard now if the malware gangs are targeting.

Vnunet.com UPDATE: McAfee has confirmed the OSX.RSPlug.A trojan and reported that it is spreading through fake codec sites in addition to the porn website.

{ 0 comments }

DirectRevenue-Best Offers, shut down

by certifiedbug on October 24, 2007

in Security

Posted on its home page and giving no reason for the sudden closure.

Best Offers and Direct Revenue have ceased operations. To service legacy consumers we are maintaining this page of uninstall instructions, an uninstall software tool, and an email based support service.

By most accounts DirectRevenue made a lot of money off unsuspecting users.

{ 0 comments }

Zango purchases Smart Shopper

by certifiedbug on October 23, 2007

in Security

TechCrunch reported today that Zango has purchased Smart Shopper Networks, a browser based comparison shopping engine previously owned by New York based HotBar Inc.

Alex Eckelberry: So what’s the motivation behind Zango’s acquistion of SmartShopper?

It’s worth noting that Zango is primarily gaining new users through Seekmo, its porn branch. In other words, new user acquisition occurs from users downloading porn in exchange for free ads, not for funny videos of a cat jumping up and down. They need everything they can to gain legitimacy.

{ 0 comments }

← Previous Entries