Spyware Masquerading as Spyware Removal Software
Cocooner writes "News.com is reporting that some of the anti-spyware/adware software out there is doing more harm than good by acting as double agents. One example is a software package named SpyBan (google cache since the original site has been removed), which happened to be hosted by download.com, accused of installing Look2Me, which monitors and reports web surfing habits. SpyBan was downloaded over 44000 times before it was pulled. How 'low' can they go?"
I wonder if I can get a patent on "Invention that does completely the opposite of what it claims to do"
How 'low' can they go?
All the way to hell, I really hope.
As low as a worm?
"There is no teacher but the enemy."-Mazer Rackham
in using Spybot. It doesn't install spyware... or does it.
Evolution or ID?
So was it on Download.com after they started charging for hosting? Was this shareware or freeware? Geek minds want to know!
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
How low ? Don't go there ...
I've got Spybot on my Windows box at work, and the number of times it triggers is just amazing (yes, even on /. adverts...) On a commercial site, you've got about a 25% chance (empirical estimate) of getting a popup saying that XXX has been blocked...
Simon
Physicists get Hadrons!
If you run a Windows system then I heartily recommend Spybot Seek & Destroy to keep it clean and immunized. Support the author too, donate a few bucks for good work.
not related in any way, just a satisfied user
Trolling is a art,
The problem here was this program claimed to be so amazingly user friendly that it was hard for anyone to turn down. I know a couple people that swore by it due to its ease of use. Granted that other solutions out there aren't difficult to use either, but we are talking about the masses of non-techies out there.
They should try to spend their time on programs that are more useful, like those thingies that prevent your IP address from being visible on the net, or keep your computer clock accurate....
10 ?"Hello World" life was simple then
Worst thing is that they have started advertising on TV as a virus removal/firewall package.
One user on my network installed it, basically shut down all network connections. And loaded the computer full of crap.
Also known as eAnthology.
It is the people that would download and install these items that are the ones that would have originally downloaded the spyware.
I have a client that has to have me clean his computer every 3 months of spyware since he and his children click on the banners on websites.
It is time that websites stop showing banner ads for these types of websites. After all, if the uneducated people on the web only make it to portals and news sites, then it is unlikely they are going to find the spyware.
I fear that the best solution is integrating process management/API hooking into the OS to stop the ability to monitor computers.
BTW, Researching companies should take blame for helping buy the information the spyware companies produce. If there is no market, I am sure they would stop developing the software for their own entertainment.
Spybot
Ad-Aware
There are others, but these pretty much have it covered I think.
This is my Sig, this is my Gun. One is for Slashdot and one is for Fun.
The person or people who provide these products are claiming they do one thing but in actuality do another.
Sue their asses into oblivion for false advertising, deceptive trade practices and any other related matters.
You as an individual could also sue them on the same grounds.
I am not a big fan of suing for the sake of suing but this stupidity and outright fraudulent practices must be crushed by all means necessary.
IANAL but I do have a legal background (and I slept at a Best Western once).
Again, just my 0.02$
DrkBr
IMHO all spyware should be treated as a virus. It has all of the same symptoms, if not more than a regular run of the mill virus. It tries to infect people by tricking them, sneaks onto a box unknowingly and sends unauthorized data. When people start thinking of spyware as a virus, it will be treated as such.
Stay tuned for new sig...
I spend a large portion of my day using Altiris's Notification Server product to identify and remove spyware on computers at work. Believe me, this isn't new and there are *lots* of "spyware removal" apps that come bundled with spyware of their own--I see this crap every day.
How 'low' can they go?
I don't know, but the limbo hurts my back, so let's hope it does theirs as well.
If not, someone kick them in the crotch while under the pole.
Aych tea tea pea colon slash slash slash dot dot org slash
Step 1: Format Hard Drive
Step 2: Turn Computer off
Step 3: Never use Computer Again
-Certified TechnoWeinie
In other news...Bonzi Buddy claims to be your buddy, when he's not your buddy at all!
Insensitive clod.
Program authors who set up this kind of trojan horse (think about it, it is like a trojan horse), should be publicly flogged and hung from the gallows at dawn.
I have lost hours cleaning up spyware messes. It would totally piss me off to have the tool I use be spyware-infested. That's akin to using a vaccine that is full of contaminants.
Be excellent to each other. And... PARTY ON, DUDES!
Avantslash - View Slashdot cleanly on your mobile phone.
...you must not be using IE.
This has been happening for a while now and is pretty obvious if you're forced to use IE for any extended period of time.
There will be a popup or two with the not-so-subtle title 'SPYWARE DETECTED!' and enough flashing colors to make any experienced surfer wary. Spyware works best against the inexperienced, is this a surprise to anyone?
- Dan
I seriously wonder what other kinds of unknown spyware are used to monitor us. I can even imagine information being collected and stored locally on the computer by various programs and that this information is later picked up and shared through a spyware program. Then spyware programs really only need to submit the information that has already been collected.
Cheap Windows shots aside, there are many ways to get crap on your non-Windows machines. Cookies, web-bugs cross-site banners etc etc are ways to track a user. My OpenBSD boxes are secure from known hacks but I still surf with a Privoxy filter and a Squid cache at the head of my home LAN..
Security and privacy are like an onion, no need to repeat the whole analogy here.
Trolling is a art,
I think there is some really nice irony here. I'll get a good laugh out of it. What it really comes down to, to me, is that users blindly install things (ha, even anti-spyware/adware) and don't listen to what people say about it.
"Gator cursors?! Rad. I love little annoying cursors." Install spyware.
If people would be more informed about their computing habits, spyware would be avoided, as would viruses.
Adware, on the other hand, may have some legitimate uses. For example, Opera had a free version of its browser that shows ads. AIM shows ads. Even Slashdot shows ads.
But if you don't like it, don't run it. Research is the key. It's time we stop letting people use computers until they understand HOW to use them.
Has anyone any statistics on the cost to end users of spyware/trojans as compared to viruses? Yesterday I cleaned-up a Windows PC that was being used by a visitor to the company, ad-aware found something like 10 different trojans and spywares on it. Nothing worked anymore: MSIE always went to some advertising site, Mozilla died (was killed, actually), installing ad-aware took ages because one of the trojans was deliberately killing the install program...
My solution was to wipe the PC and stick on Xandros. But this is not feasible for everyone. So how much time and money do spywares actually cost, and is there no way these creeps can be persecuted for theft of computing resources or interference in operations? I know that the EU cybercrime laws prohibit at least some aspects of spyware (such as interference in normal system operations and interception of private communications).
Ceci n'est pas une signature
This is similar to credit card scam that Bruce Schneier pointed out in his latest cryptogram. Fooling people into eating poison wrapped up as a remedy. Bastards.
New Credit Card Scam
This one is clever.
You receive a telephone call from someone purporting to be from your credit card company. They claim to be from something like the security and fraud department, and question you about a fake purchase for some amount close to $500.
When you say that the purchase wasn't yours, they tell you that they're tracking the fraudsters and that you will receive a credit. They tell you that the fraudsters are making fake purchases on cards for amounts just under $500, and that they're on the case.
They know your account number. They know your name and address. They continue to spin the story, and eventually get you to reveal the three extra numbers on the back of your card.
That's all they need. They then start charging your card for amounts just under $500. When you get your bill, you're unlikely to call the credit card company because you already know that they're on the case and that you'll receive a credit.
It's a really clever social engineering attack. They have to hit a lot of cards fast and then disappear, because otherwise they can be tracked, but I bet they've made a lot of money so far.
Free XBox, PS2
Yeah SpyBot seems to be a small one person deal. I have been using it for a while now and have had no problems. I use it in conjunction with Ad-Aware and what one does not catch the other usually does.
Spybot is a great package. The option to immunize your machine against the crap just removed is superb. I recommend it to all. AdAware was slow at updating for a while.
"How 'low' can they go?"
As low as they need to in order to make a buck.
Does this really surprise anyone? We've continuously seen spammers/telemarketers/advertisers/etc. sink lower and lower over the years as their tactics are countered. First there was telemarketing then the Telezapper gave us all a little hope that the incessant calls would stop. Then the telemarketers came up with a new tool that beat the telezapper. We responded with the Do Not Call Registry and now the telemarketers are suing on the basis of free speech. They will stop at nothing, not even breaking the law, to make money.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.
and I'll say it again, Ad-Aware (www.lavasoftusa.com) is the only spyware removal program that's worth a damn.
Some of the others that I have seen/tried, are too zealous and end up removing bits that are *required* by proper programs, and end up wrecking things.
Ad-Aware, good as gold.
In addition, IIRC they offer a corporate-based version, much like Norton-Antivirus corporate, and that's a slick idea.
So rise up, all ye lost ones, as one, we'll claw the clouds.
Sitting at a coworker's PC trying to figure out what was wrong with it for her, had an installer popup out of nowhere when no web browser was open offering to install a Spyware removal tool for me. One Ad-Aware update and scan later and her system was behaving fine. Don't remember the name of the program... May have been SpyBan...
Funnily enough as this article popped up I was on the phone w/ another coworker who had installed SpyHunter on a suggestion from an office mate... Problem was it started giving weird errors and she claims it kept reinstalling itself when she'd remove it from Add/Remove Programs. She deleted the folder it belonged in and that seems to have eliminated it finally, but I had to clear a registry entry on her PC for her that was trying to start it...
Funny thing was whatever genius wrote the software didn't enclose the path to the program in quotes, so it was trying to run C:\Program... That's really the kinda programmer I want mucking about deleting 'Spyware' off my PC.
Thank God for Lavasoft...
Maxim: People cannot follow directions.
Increases in truth directly with the length of time spent explaining them
From their website:
"About SpyBan
SpyBan is a cutting edge software, which is able to detect and remove all popular forms of spyware programs including Trojans, system monitors, keyloggers and adware. You don't need to be a computer expert, or spend a lot of time learning how to use it. SpyBan is one of the most user friendly spyware protecting programs available on the market today and it is 100% FREE!"
Technology
SpyBan has very advanced algorithms, which not only can detect primitive and old spyware, but can detect new generation applications as well. SpyBan loads every time you start your Windows and appears on your taskbar next to clock. If you point your courser to the SpyBan icon and click on it, SpyBan will appear. If you click on "Scan Now" icon, SpyBan will immediately start scanning your computer's hard drive for existing spyware all available local disks.
The descriptions themselves reek of spyware.
[alk]
Maybe Dell was smarter than we gave them credit for a few months ago when they refused to recommend any one spyware removal product. Just imagine if they had and it turned out to be this debacle. Ouch. The PR would be horrid.
Ok, well WHOIS tells us that www.spyban.net was registered to NicTech Networks, Inc. Which is a 'desktop media' corporation based in Minneapolis, Minnesota. Site has a similar design to www.spyban.net, and they claim to 'offer highly-targeted online advertising solutions' with 'a reach of over ten million monthly Internet users'. Sounds right, and they are a domestic US company. I'm presuming something like SpyBan must break one or two laws? (At the very least deceptive advertising?)
I particularly like this bit of their page:
Need SpyBan?: Your computer and your privacy are at risk if you: - surf the internet more than 1 hour a week - share your computer with another person - make purchases online - use file-sha
hmm, that's me! sign me up! classic scamster stuff, sad that it got 44,000+ people.
This is my Sig, this is my Gun. One is for Slashdot and one is for Fun.
Spam advertising anti-spam software
Viruses claiming to be security updates
SCO pretending to be a software company
Security and privacy are like an onion...when they get cut, it makes me cry.
Remove spyware which logs stuff for other businesses while installing your own. Business-wise very good move, granted you have no ethics and are morally bankrupt. Kind of like McAfee AV marking Symantec products as viruses and then installing trial versions of its own competing software.
Hate me!
Most spyware is a result of the lax security of IE. Instead of installing anti-spyware programs (many of which are trojan horses for nasty malware), why not try a browser that doesn't allow the spyware on your system in the first place.
Not to mention the oh-so-easily abused rating system, and obvious sponsoring BY spyware programmers...
And with such a reliable sounding name, the average Joe just thinks "hey it's from Download.com how could it possibly be bad? right?"
And the next thing you know, your computer illiterate relative is on the phone with you again griping about how their browser is going places they don't want, they're being spammed to death with ads on their screen, and their computer has slowed to a crawl.
I motion we make spyware programming punishable by slow castration and death under international law...
Machine9dotNet
How do you know they aren't selling that info to these same companies?
'Same speed C but faster'
These are marketers. Was that a trick question?
If I were in a room with a lawyer and a marketer, and I only had one bullet... I'd kill myself.
.sigs are for post^Hers.
Yep! I've been praising SpyBot and recommending it to practically everyone running a PC on the Inet for months now. (As I said in a previous /. thread, I work doing on-site PC service, and this program, alone, cures more PC issues I run into than anything else we use.)
I'll tell you another little tip, though. If SpyBot already claims it's cleaned everything up, but your PC is *still* spontaneously generating pop-up ads on the screen, or running abnormally slow (perhaps you still see odd processes listed as running in the process list?), here's the way to fix it.
Run regedit, and search the entire registry for "run once". There are several "run once" registry keys, with plain old "run" keys directly above each of them. (You're mainly interested in what's in the "run" keys, but searching for "run" will find hundreds of things we're not interested in.) If they're starting up some kind of trojan horse or spyware/adware program on your Windows PC (and assuming it's not simply in the "Startup" program group!), they've got to be doing it in one of these "run" keys. Look for sneaky files in there with names like "windowsupdater.exe" (MS doesn't ever run a file by this name to do the real Windows updates), or just gibberish names like 0br003445l.exe and delete them from the "value" line of the "run" key. I've even seen files in there I wasn't sure about, until I looked in the folder under "Program Files" where it was running from; Then I saw a *documentation* file in the program's folder explaining that the utility was "designed to automatically present advertisements to the computer user at random intervals"!
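The check described in the comment above (look through the "run" and "run once" keys for odd entries), combined with the unquoted-path mistake mentioned earlier in the thread, as an added example that is not part of any poster's comment. It assumes the keys have been exported from regedit as text; the sample export is constructed, the function names are hypothetical, and the gibberish-name rule is an assumed heuristic.

```python
import ntpath
import re

# Constructed sample in regedit export (.reg) form; not from a real machine.
# Real "Version 5.00" exports are UTF-16, so decode the file accordingly.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartupSound"="C:\\WINDOWS\\sndstart.exe"
"ExampleCleaner"="C:\\Program Files\\ExampleCleaner\\cleaner.exe /startup"
"QuotedApp"="\"C:\\Program Files\\QuotedApp\\app.exe\" -tray"
"windowsupdater"="C:\\WINDOWS\\windowsupdater.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"0br003445l"="C:\\WINDOWS\\system32\\0br003445l.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
"NotAutostart"="C:\\ignored.exe"
'''

KEY_RE = re.compile(r'^\[(.+)\]$')
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
AUTOSTART_SUFFIXES = (r'\currentversion\run', r'\currentversion\runonce')
# File name the comment calls out as not being a real Windows Update binary.
LOOKALIKE_NAMES = {'windowsupdater.exe'}


def unescape(text):
    # .reg strings escape backslash and double quote with a leading backslash.
    return re.sub(r'\\(.)', r'\1', text)


def executable_of(command):
    """Return (program_path, was_quoted) for a Run value's command line."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return (command[1:end] if end != -1 else command[1:]), True
    m = re.match(r'(.*?\.(?:exe|com|bat|cmd|scr))(?:\s|$)', command, re.I)
    return (m.group(1) if m else command.split(' ', 1)[0]), False


def first_candidate(path):
    # Without quotes, Windows first tries the text before the first space,
    # which is why the earlier poster saw an attempt to run C:\Program.
    return path.split(' ', 1)[0]


def looks_gibberish(stem):
    # Assumed heuristic: a longer name made mostly of digits mixed with letters.
    digits = sum(ch.isdigit() for ch in stem)
    return len(stem) >= 8 and digits < len(stem) and digits / len(stem) >= 0.4


def check(command):
    """Return the list of reasons a Run entry deserves a closer look."""
    path, quoted = executable_of(command)
    filename = ntpath.basename(path).lower()
    reasons = []
    if not quoted and ' ' in path:
        reasons.append('unquoted-path')
    if filename in LOOKALIKE_NAMES:
        reasons.append('lookalike-name')
    if looks_gibberish(ntpath.splitext(filename)[0]):
        reasons.append('gibberish-name')
    return reasons


def audit(reg_text):
    """Yield flagged values found under Run/RunOnce keys of a .reg export."""
    findings, key = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        if not m or key is None or not key.lower().endswith(AUTOSTART_SUFFIXES):
            continue
        name, command = unescape(m.group(1)), unescape(m.group(2))
        reasons = check(command)
        if reasons:
            findings.append((key, name, command, reasons))
    return findings


if __name__ == '__main__':
    for key, name, command, reasons in audit(SAMPLE_REG):
        print(f'{key}\n  {name} = {command}\n  flags: {", ".join(reasons)}')
```

A flag here only marks an entry for a closer look, such as checking the folder it runs from as the comment describes; it does not by itself mean the entry is spyware.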
I've had really good luck with spybot s&d for removing Windows spyware/malware/adware, etc., but though it is freeware, I'd really like to use and support an Open Source removal tool - I want to see the source, etc. - in my co.'s environment. Is there such an animal?
"The basic tool for the manipulation of reality is the manipulation of words." - PK Dick
...got bit by this. She paid something like $30 for a piece of software called spyware nuker. She complained of pop-ups and general slowness so I took a look around and found out about the questionable activities of this program. Apparently it loads its own pop-ups.
She finally caved in and allowed me to install Linux on her PC, thankfully!
I converted my 70 year old grandmother to Linux last year and she loves it...hopefully my mom will stick with it as I usually have to remove viruses and trojans once every couple months.
======== In the future, everything will be artificial. ========
The FAQ from alt.privacy.spyware lists the more popular and trusted anti-spyware/anti-adware tools. Lots of good information and advice in that group.
Yes, I know the programs listed in the faq are a bit windows-centric. But guess which platform most posts on that newsgroup are about.
That was my experience. I have been a faithful Spybot fan, and I figured what the heck, so I gave Ad-aware a try, and it picked up a program that happened to find its way on my machine.
I'll tell you what needs to happen -- is Congress needs to crack down on those pages that try to force you to install a program, aka viewer, in order to look at the web page. I have made quite a bit of money cleaning such things from people who got duped into downloading and installing programs because it was the only choice they were faced with. The other day I visited a seemingly innocent site and it would not let me close the browser, so I had to CTL-ALT-DEL and then end the task. Spammers and spy/ad-ware people are destined for the same eternal destination.
The views expressed are mine own and do not express the views of my employer.
I *really* hope the less experienced users out there that read this, don't now become afraid of the good spyware removers. Readers here know that spybot and adaware are great, but since all the names of the other malware/trojan apps are so similar, how is joe homeowner supposed to keep them straight?
Geeks don't get laid because they are completely selfish and anti-social. I'll lay it out:
1.) They're selfish. This means that whatever benefits them, they want. And they will justify it to no end. Example--MP3 downloads magically become a culture movement against the RIAA, not a direct ripping-off of real humans who rented a studio and recorded the music to make a living. People get used to the convenience of MP3 downloading and invest justifications for it so their guilt goes away. This has led to entire subcultures on the net in which warez is okay, mp3s are okay, and hacking is okay.
2.) They think their mindset is a majority mindset somehow more valid than anyone else's. Most normal people who get used to something have no problems with other people doing it differently. Nerds, however, feel whatever they do, everyone else must do the exact same way, or it is no good. Example--XFree86 cut-and-paste. Witness endless Slashdotters write entire essays explaining why the X11 cut-and-paste scheme is somehow better than the cut-and-paste scheme used by 95+ percent of computer users, and if others use Ctrl-C and Ctrl-V, they are using a "braindead" scheme. Yes, someone actually felt strongly enough about a cut-and-paste scheme to label it that. Insane.
3.) They think being an encyclopedia is appealing. This means they don't know any other way to impress someone, so they will throw facts at them. Most normal people relate emotionally to others. But nerds have often spent a lot of time in non-social environments, and so emotions aren't something that are felt, but thought about. So, when they actually become involved in a social environment, they don't know any other way to impress or converse but to exchange random facts and argue about things other people don't care about. Example--most any thread on Slashdot in which an argument takes place. "So-and-so happens this way." "Actually, it happens this way." "But since version 0.11.4p2, it has done this to do this." "Only on the OS X port."
4.) They take the side that best benefits them--hypocrisy at its worst. Nerds will attempt to maintain some sort of moral stance against Microsoft, yet embrace DDOS attacks against spammers and SCO websites. Witness all the Slashdotters posting links to the SCO website with tongue-in-cheek messages to "keep refreshing." These posts get modded up. But then when SCO mentions the attacks in the press, suddenly nobody on Slashdot supports it, because they're above that, right? Another example--IBM, the bastion of corporate greed and evil in the 80s, is suddenly a-okay with nerds because they've gone with Linux after their OS/2 line died out. Anyone who would bother to read up on IBM's corporate history would shudder at this.
5.) Of course, this hypocrisy leads into propaganda. Anything Microsoft does is evil and has a self-serving agenda. Anything a Linux company does is great for the community and can be justified. So, if Microsoft's Windows is selling in China, and the Chinese government that silences dissidents happens to be using Windows, Slashdot will report a headline entitled, "Microsoft Violates Human Rights in China." This, of course, ignores the fact that China has its own Linux distribution, and we won't see a "Open Source Violates Human Rights in China" any time soon. And with all these recent KDE 3.2 articles, nobody's mentioning that KDE removed the Taiwan flag just so they could be adopted by the Chinese government. But, like I said--Microsoft is evil, anything Linux is good!
6.) Condescension. This means that if your opinion is different, you will be insulted and downmodded (a true sign of emotional insecurity). If you are new to spending an entire evening just to set up an operating system, and you don't understand the poorly written, 5-year-old HOW-TOs, going into an IRC channel to ask about it will get you "RTFA" and "haha n00bs." If you dare request that someone shape up their godawful GUI software for Linux, you will get people who will
While what you said was a joke, it made me think of something that might be a good idea.
How about we (geeks, slashdotters, etc) start patenting all the evil ideas we can come up with? Think if we had the patents to algorithms used in worms and viruses, or in spyware, etc. Of course, I don't mean we build anything with these evil ideas, but then we could sue the pants off anyone who did.
I know a guy at Microsoft who says they have people to develop worm/virus algorithms just so if someone ever uses it, they can take them down at least financially, if not legally.
no comment
If you go to SpywareInfo's forums, you can get HijackThis, which lists pretty much everything that ever loads on your system, and the experts there can clean it.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
Although both packages ARE clean (I use both) there is a potential problem using both at the same time.
Adaware by default "quarantines" any dodgy stuff it finds, rather than immediately deleting them. These are stored away so that they don't cause harm. You can delete the quarantined items, or restore them. This just gives a useful way to undo changes, in case something stops working.
Spybot S&D may find these quarantined objects and flag them as spybots, when in fact they are safely "immobilised" by Adaware.
So make it a point of deleting the quarantined objects.
Otherwise both programmes are very good.. and I would consider donating to the Maker of SpybotS&D, or purchasing the pro version of adaware, just to support them.
Unlike creating normal software, the authors ARE playing a race with the creators of spyware, and the cash would do a lot of good.
Have a nice day!
and I'll say it again..
Two spy/mal/adware cleaners: Ad-Aware, Spybot S&D,
And a Good hosts file that will deal with any future incursions: Http://www.2fords.net/rchapin/hosts.zip
Download the zipped file, then do a search for your old hosts file, backup, and replace it.
First rule of holes; When in one, stop digging.
He told me about it a while ago, and swore me to secrecy about what they were doing. He hated working for the company, but he was going through a tough time and he needed the job. He eventually found a better programming job elsewhere and moved on.
I think the first question people ask is, "how could someone do something like this?" Well, the short answer is that the people running the company just flat-out didn't care. They wanted to make money and they found the most insidious way to do it, with no weight on their consciences. Personally, I think it's pretty sick.
At this office we have several machines with Norton AV pre-installed, what a pain in the ass! I wonder if just letting virii run amok through the office would be less annoying than dealing with Norton's constant nagging for attention. Every-frickin-day at least several times a day a Norton dialog pops up out of nowhere on your screen while you are trying to work, simply to remind you of the number of days left in your Norton subscription and do you want to renew now? ... and of course the only two buttons you can click to make the dialog go away are a classic Hobson's choice: "yes, I have my credit ready so please take more money from me now" or "remind me later, like say in an hour or two when I get even busier" ... then later a complete full-cavity virus scan starts up unannounced no matter how busy your machine is ... and of course the constant demand for you to interact with Norton while virus updates are being downloaded and then after updates are downloaded it of course will say "click OK now to reboot" not even giving you the option to reboot later.
Now of course if I'd bother to RTFM and spend my time reconfiguring Norton I suppose I could figure out how to make it less annoying, and then take up more of my time doing the same to every machine in the office... but I was just wondering if the people working for Norton might consider making their products less godamn annoying than the virii they aspire to prevent.
I'm sure you're not morbidly obese. You'd never get through the letterbox.
Ashcroft has this, Ashcroft has that...it took congress and various state governments to bring much of what you claim to fruition. Don't focus on Ashcroft. If you hate him, hate him only for what he's done. There are more individuals involved in what you claim than you would have us believe, and those include your elected officials. Don't like 'em? Vote 'em out next time.
Also, according to the 60 Minutes II report, Canadian intelligence officials knew and approved of Arar's deportation to Syria. So, all they had was a foreign national that they didn't want, BUT when they asked Canadian officials if they wanted him back the Canadian officials said "naaah, send him back to Syria, we don't want him." Now who's at fault in this case? The worst part is that Arar's American lawyers are using him as a puppet in a case he has no chance to win in order to propagate their political cause when in reality Arar should be suing the Canadian government.
At least your reporters don't get their homes raided for reporting the news. I don't know of a single case where a US reporter has had their source of information seized by the police and potentially face criminal charges for what they said.