Slashdot Mirror

← Back to Stories (view on slashdot.org)

Intentional SpyWare Infection?

Posted by Cliff on from the a-deliberate-contraction dept.

zagman asks: "I am doing some research on SpyWare / AdWare, and how to prevent/contain the problem, and am looking for some of those 'Bad Sites' - you know, the ones which take advantage of any of the known exploits and installs a whole bunch of software without your knowledge (or sometime with it). I am testing this on IE6 on an XP-SP1 box (no further patches) and also IE6.02 on a XP-SP2 box. Can anyone out there recommend some 'good' bad-sites for me to go? Benjamin Edelman did some similar work, and posted his results, but I also want to compare Mozilla and FireFox's response as well. Thanks out there!" Update: 11/24 4:05pm EDT by C : In case it hasn't been mentioned already, a considerable amount of infection can be obtained from a single website. Any other infectious goodies out there?

9 of 33 comments (clear)

  1. I've got one for you- by Anonymous Coward · · Score: 2, Informative

    Go to www.vcdquality.com and leave your browser open overnight. I got about 18 different pieces of spyware that way through IE6. Now I use Firefox there and most everywhere else of course :)

    1. Re:I've got one for you- by jo42 · · Score: 2, Informative

      ...and any of the sites hosting cracks, keys, serial #'s, etc.

  2. Browse around less than reputable sites. by comwiz56 · · Score: 2, Informative

    Just browse around some sites that might carry this stuff: warez, porn, probably some mp3 sites.

    And google around, someone else has bound to have done this and have some links/tips.

  3. The easiest way... by rritterson · · Score: 5, Informative

    The easiest way is to download something like IESPYAD which puts a whole bunch of domains into the restricted sites zone in IE. Just open the data file and start browsing. You can download it here:

    https://netfiles.uiuc.edu/ehowes/www/resource.htm# IESPYAD

    Another alternative is one of the many HOSTS files out there. Unfortunately, many of those also contain sites that serve ads, so you'll have to filter them yourself. Here are a few:

    http://www.mvps.org/winhelp2002/hosts.htm
    http://www.dozleng.com/hpguru/

    --
    -Ryan
    AUWYHSTOT (Acronyms are Useless When You Have to Spell Them Out Too)
  4. previous report with links by WasteOfAmmo · · Score: 4, Informative
    You may want to look at http://spywarewarrior.com/asw-test-guide.htm (see previous slashdot article. This not only gives a review of various anti-spyware programs but outlines the testing methodology that they used, lists the sites they went to in order to get infected, lists the critical "finger prints" of the infections, and also describes the setup they used.

    Merlin.

  5. pr0n by Bastian · · Score: 2, Informative

    I'm sure if you spend enough time visiting porn and warez sites, you'll get infected with all sorts of nasty spyware.

  6. kazaa by noselasd · · Score: 2, Informative

    uh, just installing kazaa should keep you busy for a while.

  7. VMware by Kizzle · · Score: 4, Informative

    I played around with spyware just for the fun of it on XP. Instead of going through the trouble of trashing a whole computer I installed XP to a virtual machine in VMware. With the original install backed up I was free to experiment as much as I wanted since I could reset it back to normal at any time. Backing up isn't done for you but it's easy enough to just keep a copy of the disk image it creates.

    --
    Hacker Media
    1. Re:VMware by bakes · · Score: 2, Informative

      Even better than copying the image file: take a snapshot. When you want to go back to the clean starting point, stop the VM (don't bother to shut down, just hit stop) and then hit the revert button. Start the VM, continue.

      --
      Ho! Haha! Guard! Turn! Parry! Dodge! Spin! Ha! Thrust!