Zango

Zango is in the news again.
The Register: Zango’s adware fox desperate to guard net henhouse

Last month, it asked the Ninth US Circuit Court of Appeals to reconsider a decision by a lower-court judge that held Kaspersky was immune from such lawsuits.

Sunbelt Blog:
Zango partnerships
Zango reacts to Sunbelt blog posts

PCMag: Must You Install Zango?

Ben Edelman commented at PCmag and Sunbelt:

Why do people continue to distrust Zango? Because Zango’s continued actions deserve distrust. Four specific examples:

1) Zango continues to run “fake user interface” ads that are disguised to look like Windows message boxes. Example. These ads continue to this day.

2) Zango continues to install its software without unavoidable, prominent disclosure of material terms. Example. Zango’s settlement with the FTC requires improved disclosure. To my surprise, Zango claims the FTC settlement doesn’t require such disclosure for “heritage Hotbar products”. But the FTC settlement’s plain language specifically applies to “any software program” Zango installs or downloads — offering no “Hotbar exception.” Quotes, citations, and further analysis.

3) Zango continues to defraud online advertisers, including by showing pop-ups that claim affiliate commissions Zango did nothing to earn. Last spring I wrote up a few examples. It’s easy to find many more. Indeed, my Automated Spyware Tester catches dozens of such examples per month.

4) Zango touts its video offerings, which include widespread videos infringing on copyrights held by others. Zango has no proper basis to hold these videos in its library, or to use them as bait to attract users to install Zango’s software.

This is all in the present, not the past. And these scams — fake user interfaces, ineffective installation disclosures that fall short of settlement obligations, defrauding advertisers, and infringing others’ copyrights — are good reasons for users to “distrust” Zango (or worse!)

Certifiedbug: Zango tags.

The beat goes on…..

{ 0 comments }

This is disturbing.

Is that the sound of your flesh crawling off your bones? No? Well, how about when I tell you that this “dating site”for 13 year old kids is called “Mylol.net”?

Originally, the site invited you to download Zango videos once you were a member (videos that require you to be 18 or older to install the Adware. Remember this, because it”ll become real important in a few moments).

So it does, read the rest at Vitalsecurity.
Presenting a “Teen Dating Website”. No, Seriously.

{ 0 comments }

It has been nearly a week since security vendor Fortinet posted an advisory implying Zango was responsible for a malicious widget on Facebook.

Zango fires back at Fortinet over Facebook adware accusations

“It is not associated in any way, shape or form with Zango,” Zango Chief Executive Officer Keith Smith told SCMagazineUS.com today. “Based on the fact that a [Zango] ad showed up after this widget was installed, [the advisory] implied that spyware was being bundled with this widget, which was not the case at all.”

Fortinet Facebook Widget Advisory Untrue
Posted: 5:27 PM, Jan 08, 2008

In follow-up to Friday’s blog post entitled: Fortinet’s ‘Facebook Widget’ Advisory False, Zango earlier today announced a Zango press release showing the company’s involvement with a “malicious Facebook Widget” as blatantly untrue.

As a result of the press release, as well as a number of other communications, Matt Hines of InfoWorld posted a blog this afternoon that calls Fortinet’s advisory in question. In his post entitled “Zango strikes back over reported Facebook hack,” Mr. Hines graciously admitted that upon further review, it appears, at least in part, there was a mistake in interpretation of the advisory and he cautioned that, “We in the security community who picked up on this story so eagerly should also be reminded to look into all the details of any security bulletin before we report on it.”

Chris Boyd, security searcher at FaceTime Communications, aka PaperGhost,(Vitalsecurity.org) Sorry to ask, but this whole Zango on Facebook thing…

In it’s original incarnation, did this application

A) open a box for Zango and only Zango every single time it was tested, or

B) did it just happen to randomly show a Zango advert (out of a big pile of other things it could have displayed)?

{ 2 comments }

A FortiGuard Advisory January 2, 2008 warned their researchers had discovered a malicious widget called “Secret Crush” spreading on Facebook, the social networking site, which prompted users to install the application.

Users were informed they needed to invite at least five more friends to Secret Crush before proceeding, and then were invited to download a Crush Calculator application which contained Zango software. Zango or its affliates are often depicted in the media as adware/spyware.

Zango has publicly denied involvement with Secret Crush.

Fortinet’s so-called “Advisory,” issued Wednesday with the attention-seeking headline “Facebook Widget Installing Spyware,” is completely false as it relates to Zango. A thorough investigation by Zango security personnel reveals no silent or surreptitious installation of any software, much less any “spyware,” by or in connection with the “Secret Crush” widget.

CNET News.com’s Caroline McCarthy writes that on Monday, January 6, 2008 Facebook announced:

Facebook is committed to user safety and security and, to that end, its Terms of Service for developers explicitly state that applications should not use adware and spyware,” a statement from the company read. “We have contacted the developers and have disabled the Secret Crush application for violating Facebook Platform Terms of Service.

Zango said the Secret Crush widget on Facebook is now called the “My Admirer” widget.

Apprantly Zango is making the rounds posting disclaimers, such as the comment left on Security MVP Shaba’s pcsecurity blog.

{ 0 comments }

TechCrunch reported today that Zango has purchased Smart Shopper Networks, a browser based comparison shopping engine previously owned by New York based HotBar Inc.

Alex Eckelberry: So what’s the motivation behind Zango’s acquistion of SmartShopper?

It’s worth noting that Zango is primarily gaining new users through Seekmo, its porn branch. In other words, new user acquisition occurs from users downloading porn in exchange for free ads, not for funny videos of a cat jumping up and down. They need everything they can to gain legitimacy.

{ 0 comments }

Paperghost didn’t like what he wrote in it.

It was all going so well, until…. I saw this post by Zango CTO Ken Smith, and I just had to reply.

{ 0 comments }

Guess Zango needs to check its mailing list.

Let me get this right……you decided to send a press release to me……Paperghost……known for my enthusiastic response to all things Zango…..who happens to work for an Instant Messaging Security Company…..to tell me about how awesome Zango’s new adverts….that look like Instant Messaging Notifications……will be?

Link: vitalsecurity

{ 0 comments }

Zango’s court case against Kaspersky has been thrown out, because Kaspersky has immunity as a result of the Communications Decency Act.

The decision can be seen at Ben Edelman’s site. (PDF)

Ben has also updated his list of legal actions: Threats Against Spyware Detectors, Removers, and Critics

{ 0 comments }

Zango Drops Lawsuit Against PC Tools

Adware company Zango has voluntarily withdrawn its lawsuit against security software company PC Tools, which Zango accused of illegally removing its software from users’ PCs without their express permission. The move follows a court’s refusal to grant Zango a temporary restraining order.

Article at BetaNews.

{ 0 comments }