FTC Files Spyware Case Against Sanford Wallace

An anonymous reader writes "Legendary reformed spammer Sanford Wallace is apparently back in business, under suspicion by the Feds for advertising a trojan spyware removal tool. Wallace 'admit[s] no wrongdoing', but in the next breath says 'The FTC is trying to enforce a law that hasn't even passed', referring to the proposed anti-spyware legislation currently in Congress."

oh please...

[Quasar1999]

That's like being pulled over by a cop for speeding, claiming you weren't, then pointing out that the cop wasn't even supposed to be there, since he was off duty...

Re:oh please...

no .. more like being pulled over by a cop for doing 60 in a 60 zone when the speed limit is going to change to 40 tomorrow ...

Re:oh please...

[Nos.]

Huh? Advertising a program that is supposed to protect/remove spyware but acts as spyware or a trojan does not at all compare to being pulled over by a cop.
This guy is guilty of fraud.

Re:oh please...

[pbranes]

This guy apparently did some real, physical harm to someone. I know this shouldn't be funny, but it is. Nevertheless, the guy should have his computer act the same way he makes other people's computers act. This quote is from one of the pages linked in the story.

"J" (who in his anger may have been under the mistaken impression that I'm associated with Spy Wiper) intends to sue Spy Wiper. He says that when Spy Wiper opened his CD-ROM drive, it popped his infant in the eye. The infant had to be taken to the emergency room.

Re:oh please...

[cob666]

no .. more like being pulled over by a cop for doing 60 in a 60 zone when the speed limit is going to change to 40 tomorrow ...

Not entirely correct. There is NOTHING wrong with going 60 in a 60 zone, regardless of when the speed limit is going to change. However, EVERYBODY knows that there is something wrong with installing software that interferes with the way your browser functions without telling the user what is being installed. And THEN, getting them to pay $30 to uninstall the software.

Re:oh please...

No. It is like being stopped for reckless driving when there is no speed limit sign posted.

It would seem that Wallace is guilty of fraud when his spyware removal tool is itself spyware.

Re:oh please...

[legirons]

"Huh? Advertising a program that is supposed to protect/remove spyware but acts as spyware or a trojan does not at all compare to being pulled over by a cop."

It's hopeless. They'll always moderate-up daft analogies. It's part of the culture.

We have perfectly good laws to prosecute him under

[AKAImBatman]

Wallace 'admit[s] no wrongdoing', but in the next breath says 'The FTC is trying to enforce a law that hasn't even passed'

If you're selling spyware as anti-spyware, that's fraud, genius.

Maybe he's hoping that the public will stand up for poor little him.

Another article with more

The Union Leader has more information. The part about the bankruptcy tells much about Wallace's character.

Carpe diem

[RangerRick98]

Wallace 'admit[s] no wrongdoing', but in the next breath says 'The FTC is trying to enforce a law that hasn't even passed'

Wallace then added, "I figured I'd better get this stuff out there while I had the chance."

What about...

False Adverising... Fraud... there's surely something else he can be chared with.

Re:What about...

[PriceIke]

> there's surely something else he can be chared with.

Lighter fluid?

Re:What about...

[unformed]

no that's charred

chared is something in between caring and charring, kind of like, "I did it because I love you."

Eek!

[The+Queen]

This is so creepy - I dreamed last night (in between the alien invasion and the date with Bon Jovi) that I had let a friend of a friend check her email on my computer, and when I came back to it there were spyware, pr0n, and other assorted nasties covering the screen. Every time I deleted one, two more popped up in it's place. I had just dealt with this on my laptop in real life and this bitch fubar'd my new machine!

Now this story shows up on /.

Coincidence?

FRY THE BASTARD!

Re:We have perfectly good laws to prosecute him un

[garcia]

It's more like the mafia. You need protection from what we just did to you. Pay up *and* continue to suffer all at the same time.

No, its not the same

[nurb432]

If he is correct that the law has not been passed, its more like the cop that stopped you for speeding has not taken his finals yet and is still in training..

It may be sleazy, but he is correct that if its not against the law yet.. there is little grounds to harass him on that factor..

Now, on day one of the law being passed, they should pounce..

Re:No, its not the same

[Armchair+Dissident]

According to the Yahoo article, he's not actually being sued under the anti-spyware law. It looks like he's being sued under computer misuse legislation:

The FTC alleges the defendants have unfairly: changed consumers' Web browsers, installed advertising and other software programs, and compelled purchase of anti-spyware software.

It looks like its the compulsion he's placed on his customers to buy his products because of his own tampering with their machines that's getting him landed in trouble. (IANAL, etc etc).

Anyone have Mr Wallace's address?

I'd like to send him a 'few' letters expressing my opinion of his business model.

Another reason to use FireFox

[Emperor+Shaddam+IV]

Most spammers and spyware will go after the easy targets. PC's running IE as a browser, which is what most people, especially non-technical people will be using. So this is just another reason to use FireFox. FireFox will be safer until it becomes much more well used. Note that using Outlook is also dangerous.

I'm not on his side, but

[bsdbigot]

Whatever happened to "innocent until proven guilty?" Really, I'm appalled when stories like this come up and the great majority of /. posters cry foul.

The reality of the situation is, under the alleged crime(s) he committed, he has yet to be convicted. As such, he is entitled to be treated justly and without contempt, at least WRT the current situation.

As for his claim that there's no wrong-doing on his part, while then saying that the law hasn't yet passed - this is not a contradiction, at all, as the /. submitter implies. Until those things are made illegal, they are still legal and thus not "wrong," in the eyes of the law. That does of course fall to the ground in situations where the "wrong-doing," was initiated/perpetuated through fraud or other illicit activities, but the action in question would still not be wrong because it is not proscribed.

Re:I'm not on his side, but

[hackstraw]

Whatever happened to "innocent until proven guilty?"

Innocent until proven guilty is an ideal and a legal technicality, but its much less than that in reality. Although you are legally "innocent", if you do not post bail or bond or the judge determines that your crime does not warrent bail or bond, you stay in jail until you are proven guilty. Yes, that means that an innocent person is expected to stay in jail right beside the guilty and convicted people.

Another thing that kills me is when the press says that the accused is "pleading innocent", and there is no such plea, your innocent by default, you can plea not guilty, but not innocent.

Re:I'm not on his side, but

[Tenebrious1]

Whatever happened to "innocent until proven guilty?" Really, I'm appalled when stories like this come up and the great majority of /. posters cry foul.

That's only in a court of law, and /. ain't no stinkin' court o' law.

The reality of the situation is, under the alleged crime(s) he committed, he has yet to be convicted. As such, he is entitled to be treated justly and without contempt, at least WRT the current situation.

In an enlightened world, perhaps. But in that enlightened world, we wouldn't have spammers and scumware writers in the first place. Just because the law presumes his innocence, does not mean that we the public can't have our own opinions.

He's a witch, burn him!

Re:I'm not on his side, but

[Emperor+Shaddam+IV]

Is he made of wood, and does he weigh more than a Duck? We have to make sure its a fair court. :)

Extortion?

[Fractal+Law]

This seems a bit more like extortion to me as he's doing something obnoxious to somebody and then asking for money to stop.

This may be the tactic that the FTC goes with in prosecuting.

Re:We have perfectly good laws to prosecute him un

[starrsoft]

Uh... Mr. Genius, he's not:

"selling spyware as anti-spyware"

What he's doing is installing basic run of the mill spyware that has ads for spyware removal software:

The FTC said the companies secretly installed the software on computers, causing systems to be overwhelmed by pop-up advertisements, and then sending them alarming messages saying they needed to buy "Spy Wiper" or "Spy Deleter" for $30.

Vigilante Justice

[Don+Tobin]

I for one will start cheering on these FTC Vigilantes if they start nailing spyware producers. Could care less if they don't get to people in Asia or outside the US Borders I just want to have someone hung under the presumption of guilt and spyware.

Maybe I should see someone about that . . .

NO

[Exmet+Paff+Daxx]

It's like being charged with spyware offenses by the FTC while new spyware legislation is making its way through Congress.

Fuck your analogies. Wallace is still guilty of the 1000-year-old crime of fraud and they're going to nail him for it. New legislation may help further convictions. Film at 11.

Re:NO

[JimFromJersey]

Cripes a 1000 year old crime? Is there no staute of limitations?

Re:Mod Parent Down, Re:Another reason to use FireF

[psbrogna]

Visit a reputable vulnerabilities website, www.cert.org for example, and compare the number of Mozilla vulnerabilities (2) to that of Internet Explorer (179). I'm sorry, you don't have a reply to that? I thought as much.

Is there anything else the entire industry has accepted that you want to suggest is wrong?

Against the law.

[www.sorehands.com]

There are general consumer laws of deceptive and unfair practices. What he did is like a protection racket -- a few guys walk into a restraunt and ask for protection money to keep people like them from breaking up their restraunt.

Under California law, Penal Code 502 prevents his from installing unauthorized software.

Remember the guy in Georgia who installed SETI or some other software like that on the University Systems getting charged for doing that since he had no authorization?

The FTC has the power to take action against companies that act in a deceptive manner. They are not only going after GWP
but, also for selling penis enlargment pills that don't work.

spyware... appropriate article!

[toomanyhandles]

Spyblot blocked Avenue A,Inc and Doubleclick installs when viewing this article.

Re:We have perfectly good laws to prosecute him un

[AKAImBatman]

Yes, but the SpyWiper program is spyware itself. Thus it's fraud.

I'm not surprised

There's a good article about fatass, er Wallace over on Wikipedia.

In short:

- Wallace use to junkfax until the junk fax law went into place.
- Wallace formerly ran Cyber Promotions, the biggest spammer on the planet at the time, and specialized in things like relay repaying, false return addresses, and outright lying about his lists being "opt-in". It took a permanent injuction to get him to stop.
- Now he's doing spyware and demanding money from people with infected computers.

It's been said before and it's worth repeating again: Wallace has repeatedly shown little respect for other peoples' property and resources. He has no place in society. As far as I'm concerned, he should be locked up for the rest of his natural life.

If I sound bitter, it's because I had to deal with Cyberpromo junk (and that from their rogue ISP, AGIS, if anyone remembers them!) back in the 90's and know exactly how incorrigible he is.

And, be sure to fact-check ANYTHING that comes out of his mouth. I mean it.

Re:I'm not surprised

[Lord_Dweomer]

You wouldn't by any chance happen to have any way of contacting Wallace would you? I'm sure many of us here at Slashdot would love the chance to call him or email him to find out about his "amazing" products, or just annoy the hell out of him, take your pick.

Re:I'm not surprised

[Maestro4k]

• You wouldn't by any chance happen to have any way of contacting Wallace would you? I'm sure many of us here at Slashdot would love the chance to call him or email him to find out about his "amazing" products, or just annoy the hell out of him, take your pick.

Personally I have about 10 years worth of AOL floppies/CDs/DVDs I'd really love to send him, I know how much he values a great deal.

$0.16 Cure for This:

[rts008]

TThat's what it costs me to reload .45ACP ammo, I'd be HAPPY to donate $0.48 for justice! ("Two in the chest, one to the head, and even the Jolly Green Giant will fall down dead" remebered THAT little ditty from boot camp...THANKS for the wisdom, Uncle Sam!)

Re:Knock him off

[DrXym]

I'd favour the "Casino" approach to spammers. They can choose walk away without the money; or keep the money and have their fingers pounded into bloody mess.

Sure I do

[Sycraft-fu]

How popular is/was Internet Explorer? The largest resaon so much was found in IE was so much attention was given to IE since it is the largest browser by far, and was even larger in the past. Now, as Firefox is growing, it's being targeted. I've started seeing sties that try to send you a mozilla installer package if you are using Firefox, an ActiveX control if oyu are using IE.

If you seriously think Firefox is bug free, well you are sticking your head in the sand. The question isn't if Friefox has exploitable bugs, it does, everything does, the question is when one is found, what happens? The OSS community argues that this is where the strength is, it'll be fixed in a big hurry, so consumers don't have to worry.

Well the thing is, receant events are calling that in to doubt. Salshdot has reported on the two big security bugs in the last couple of months that sat unfixed for YEARS, basically until a big public stink was made about it. So it may be that in reality Firefox is LESS safe.

I use it, since I like it better, but if you think that it has some magic OSS shield that protects you, think again.

Also, the vast majority of spyware, including the spyware in the article, gets on through user stupidity, not exploits. This particular software is the popup/banner nature. It tells you to download it. Users do that, and then it's got them. Others provide some feature people want, like comet cursor, that then also spys on people. Still more just piggy back on top of other software, like the loads of shit that comes with Kazaa.

Re:Sure I do

[schon]

The largest resaon so much was found in IE was so much attention was given to IE since it is the largest browser by far

Bullshit. If the number of exploits scaled by popularity, why are there more bugs for IIS than for Apache?

Try again.

Wallace's "former" partner is into spyware, too

[BMcWilliams]

The FTC lawsuit is against Seismic Productions, which used to be registered to Walt Rines, Wallace's old spamming partner. Rines currently distributes a Trojan horse program called Kazanon that (falsely) claims to make users of the Kazaa file-sharing program invisible to the authorities. When asked about the legality of Kazanon, Rines said "If there's a grey area, I'm all for taking the opportunity, from a marketing standpoint."

Re:Wallace's "former" partner is into spyware, too

[Kr4Ck3r]

Gotta love this Kazanon...

Here is a quote from the site.

KAZANON makes you TOTALLY ANONYMOUS and INVISIBLE - NO ONE WILL EVER KNOW YOUR REAL IDENTITY, LOCATION, or IP ADDRESS.

Now let's take a look at the EULA

III -The user understands and agrees that the application may or may not render them anonymous, untraceable or invisible at any given time, and acknowledge and agree that Odysseus Marketing shall in no way be liable or responsible for any actions of the user, and agree to hold harmless Odysseus Marketing, Inc from any resulting actions, including but not limited to legal actions, by any third parties.

If that doesn't sound like false advertisement (fraud) then I dont know what is.

Proof?

First, let me stress that this should not be done in IE, or even on Windows. You have been warned.

Second, check out http://www.freevegasclubs.com/. Specifically view source and look for the mp3 link that's hidden in comments. Download and hear Sanford's name. Note the irony when you read "Don't worry, we don't sell names to spammers!"

Third, check out this link (again! don't do this on IE): http://www.freevegasclubs.com/serve.cgi?1 This was obtained by going to a hidden link that redirected to this. Don't ask me what the original URL was -- I don't have a record of it right now. I discovered it earlier this week when my Snort detector went off with a WSH exploit and I noticed some of my internal minions being trojaned.

So what does that serve up? That would be his trojan code. A IE WSH exploit. It downloads and installs some files over FTP. If you go to the FTP site that's listed in the code, you can download all his stuff. Here's a breakdown:

./sanford/06wu29rd.exe: Trojan.Dropper.Small-8 FOUND
./sanford/449166.exe: OK
./sanford/CS4P028.exe: Trojan.Ruledor.E FOUND
./sanford/ClrSchP028.exe: Trojan.Ruledor.C FOUND
./sanford/IF01.exe: OK
./sanford/PlayBingoOnline.exe: OK
./sanford/SuiteInstall.exe: OK
./sanford/TVM_B5.EXE: OK
./sanford/WebSearchBU1.exe: OK
./sanford/ashlt.exe: OK
./sanford/biggie.exe: Trojan.Spy.WWWBar-1 FOUND
./sanford/bs5-nt15v.exe: OK
./sanford/calsdr.exe: Trojan.Downloader.Small.FF FOUND
./sanford/clickhype.exe: Trojan.Spy.WWWBar-1 FOUND
./sanford/dgi.exe: Trojan.Sectho-1 FOUND
./sanford/dp807615.exe: Trojan.Lalus.A FOUND
./sanford/istinstall_154074.exe: Trojan.Istbar-28 FOUND
./sanford/julie.exe: OK
./sanford/newdevin.exe: OK
./sanford/sd.exe: OK

----------- SCAN SUMMARY -----------
Known viruses: 24229
Scanned directories: 1
Scanned files: 20
Infected files: 9
Data scanned: 1.98 MB
I/O buffer size: 131072 bytes
Time: 2.065 sec (0 m 2 s)

I'm pretty sure the stuff that ClamAV doesn't catch are trojans and/or spyware. Just haven't had the chance to analyze and submit yet...

Have fun, and don't get caught without proper protection.

Text of complaint

[FienX]

Just incase anyone cares:

UNITED STATES DISTRICT COURT
DISTRICT OF NEW HAMPSHIRE

FEDERAL TRADE COMMISSION,
Plaintiff,

v.

SEISMIC ENTERTAINMENT
PRODUCTIONS, INC.,
SMARTBOT.NET, INC., and
SANFORD WALLACE,
Defendants.

Civil No.

COMPLAINT FOR INJUNCTION
AND OTHER EQUITABLE RELIEF

Plaintiff, the Federal Trade Commission ("FTC" or "Commission"), for its Complaint alleges as follows:

1. The Commission brings this action under Section 13(b) of the Federal Trade Commission Act ("FTC Act"), 15 U.S.C. 53(b), to obtain preliminary and permanent injunctive relief, restitution, disgorgement and other equitable relief against the Defendants for their unfair acts or practices in connection with their marketing and their distribution of software programs to consumers in violation of Section 5(a) of the FTC Act, 15 U.S.C. 45(a).

JURISDICTION AND VENUE

2. This Court has subject matter jurisdiction over this matter pursuant to 15 U.S.C. 45(a), 52, and 53(b); and 28 U.S.C. 1331,1337(a) and 1345.

3. Venue in the United States District Court for the District of New Hampshire is proper under 15 U.S.C. 53(b), as amended by the FTC Act Amendments of 1994, Pub. L. No. 103-312, 108 Stat. 1691, and 28 U.S.C. 1391(b) and (c).

PLAINTIFF

4. Plaintiff, the Federal Trade Commission, is an independent agency of the United States government created by statute. 15 U.S.C. 41 et seq. The Commission enforces Section 5(a) of the FTC Act, 15 U.S.C. 45(a), which prohibits unfair or deceptive acts or practices in or affecting commerce. The Commission is authorized to initiate federal district court proceedings by its own attorneys to enjoin violations of the FTC Act and to secure such equitable relief as may be appropriate in each case, including restitution for injured consumers, consumer redress, and disgorgement. 15 U.S.C. 53(b).

DEFENDANTS

5. Defendant Seismic Entertainment Productions, Inc. ("Seismic") is a New Hampshire corporation with its principal place of business located at 11 Farmington Road, Rochester, New Hampshire 03867. Since at least December 2003, and continuing thereafter, Seismic has marketed various products, including purported "anti-spyware" software called "Spy Wiper" and "Spy Deleter," on behalf of others. Seismic advertises these products through "pop-up" advertisements displayed to consumers using various Internet web sites that it controls, including the web sites at www.default-homepage-network.com and downloads.default-homepage-network.com. Seismic also downloads to and installs on consumers' computers various advertising and other software programs, including Favoriteman, TrojanDownloader and Clearsearch. Seismic transacts or has transacted business in the District of New Hampshire.

6. Defendant SmartBot.Net, Inc. ("SmartBot") is a Pennsylvania corporation with its corporate address at 3 Cobblestone Court, Richboro, Pennsylvania 18954, and its principal place of business at 495 Route 9, Barrington, New Hampshire 03825. Since at least December 2003, and continuing thereafter, SmartBot has marketed various products, including purported "anti-spyware" software called "Spy Wiper" and "Spy Deleter," on behalf of others. SmartBot advertises these products through popup advertisements displayed to consumers using various Internet web sites that it controls, including the web sites at www.passthison.com, object.passthison.com, and www.smartbotpro.net. In addition, the pop-up advertisements served by SmartBot also are displayed when a computer user visits various Internet web sites controlled by Seismic, including, but not limited to, www.default-homepage-network.com. SmartBot transacts or has transacted business in the District of New Hampshire.

7. Defendant Sanford Wallace ("Wallace") is or has been President and owner of Defendants Se

Dangerous precedent

[starling]

The complaint against Wallace says he and his companies' practices "cause or have caused consumers' computers to malfunction, slow down, crash, or cease working properly, and cause or have caused consumers to lose data stored on their computers."

Wouldn't just about every software vendor in the world be guilty of these charges?

I'm not saying Wallace shouldn't be prosecuted, but they need to come up with something a bit more specific.

First junk faxing, then spamming

[jhylkema]

And now spyware.

I can't be the only one who thinks the world would be a better place if "Spamford" Wallace's mommy knew about Roe v. Wade.

Re:We have perfectly good laws to prosecute him un

[plover]

I know a guy who owned a tiny junk (oops, "antique") shop. 10 years ago someone walked in and asked him about the music playing on the boombox. The guy showed him the CD jewel case, and this other person says he's from ASCAP, and do you want to pay up now so nothing bad happens to you in a courtroom?

The guy switched the boombox to an FM station and told him to pound sand. As far as I know, he never played a CD in the store again after that.