Slashdot Mirror

← Back to Stories (view on slashdot.org)

Intentional SpyWare Infection?

Posted by Cliff on from the a-deliberate-contraction dept.

zagman asks: "I am doing some research on SpyWare / AdWare, and how to prevent/contain the problem, and am looking for some of those 'Bad Sites' - you know, the ones which take advantage of any of the known exploits and installs a whole bunch of software without your knowledge (or sometime with it). I am testing this on IE6 on an XP-SP1 box (no further patches) and also IE6.02 on a XP-SP2 box. Can anyone out there recommend some 'good' bad-sites for me to go? Benjamin Edelman did some similar work, and posted his results, but I also want to compare Mozilla and FireFox's response as well. Thanks out there!" Update: 11/24 4:05pm EDT by C : In case it hasn't been mentioned already, a considerable amount of infection can be obtained from a single website. Any other infectious goodies out there?

17 of 33 comments (clear)

  1. I've got one for you- by Anonymous Coward · · Score: 2, Informative

    Go to www.vcdquality.com and leave your browser open overnight. I got about 18 different pieces of spyware that way through IE6. Now I use Firefox there and most everywhere else of course :)

    1. Re:I've got one for you- by jo42 · · Score: 2, Informative

      ...and any of the sites hosting cracks, keys, serial #'s, etc.

  2. http://windowsupdate.microsoft.com/ by jon787 · · Score: 3, Funny

    http://windowsupdate.microsoft.com/

    --
    X(7): A program for managing terminal windows. See also screen(1).
  3. lop.com by the_maddman · · Score: 2, Insightful

    try out lop.com and see if you can clean that crap off.

  4. Browse around less than reputable sites. by comwiz56 · · Score: 2, Informative

    Just browse around some sites that might carry this stuff: warez, porn, probably some mp3 sites.

    And google around, someone else has bound to have done this and have some links/tips.

  5. Ironic timing... by mikeage · · Score: 3, Interesting

    given that this article was just posted.

    --
    -- Is "Sig" copyrighted by www.sig.com?
  6. The easiest way... by rritterson · · Score: 5, Informative

    The easiest way is to download something like IESPYAD which puts a whole bunch of domains into the restricted sites zone in IE. Just open the data file and start browsing. You can download it here:

    https://netfiles.uiuc.edu/ehowes/www/resource.htm# IESPYAD

    Another alternative is one of the many HOSTS files out there. Unfortunately, many of those also contain sites that serve ads, so you'll have to filter them yourself. Here are a few:

    http://www.mvps.org/winhelp2002/hosts.htm
    http://www.dozleng.com/hpguru/

    --
    -Ryan
    AUWYHSTOT (Acronyms are Useless When You Have to Spell Them Out Too)
  7. Re:Another IE trash fest. by Saeed+al-Sahaf · · Score: 3, Funny

    I love it. If you're not a sheep you're a troll. Ah, Slashdot! Got to love it!

    --
    "Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
  8. previous report with links by WasteOfAmmo · · Score: 4, Informative
    You may want to look at http://spywarewarrior.com/asw-test-guide.htm (see previous slashdot article. This not only gives a review of various anti-spyware programs but outlines the testing methodology that they used, lists the sites they went to in order to get infected, lists the critical "finger prints" of the infections, and also describes the setup they used.

    Merlin.

  9. pr0n by Bastian · · Score: 2, Informative

    I'm sure if you spend enough time visiting porn and warez sites, you'll get infected with all sorts of nasty spyware.

  10. kazaa by noselasd · · Score: 2, Informative

    uh, just installing kazaa should keep you busy for a while.

  11. Ugh! by Anonymous Coward · · Score: 2, Funny

    I hate those sites! The other day I was spending the afternoon looking at some midgets having sex with horses, when the website installed Bonzy Buddy on my coputer. What a bunch of sick bastards!

  12. Lyrics sites by kawika · · Score: 3, Interesting

    I've found that lyrics sites are very common offenders. Just Google some lyrics from a popular singer and you will quickly find an infinite source of spyware and adware. Now, they have ads for many different ineffective spyware removers on those sites as well, so they are doing their best to screw their visitors twice.

  13. Re:Another IE trash fest. by Examancer2 · · Score: 2, Insightful

    guess you couldn't be bothered to even read a whole paragraph. Look closely as the poster clearly indicates he wants to find sites that infect systems with Spyware and see how Firefox and Mozilla respond to the same sites, to see if they are as impervious as many claim. Also, at the beginning of the paragraph he says that he is doing this to find better ways to prevent and contain the problems with spyware/adware/malware, not to bash IE. Personally, I've already come across some Firefox/Mozilla SPECIFIC spyware/trojans using Firefox/Mozilla's automatic XPI extension installation. If I were an average joe user, these could very well dupe me into clicking through and ruining the privacy, security, and integrity of my system... assuming I could even still use the system afterwards. I look forward to the findings of this poster, and the findings of similar articles. Security through obscurity is comming to an end for Firefox and Mozilla, so these are important issues.

  14. VMware by Kizzle · · Score: 4, Informative

    I played around with spyware just for the fun of it on XP. Instead of going through the trouble of trashing a whole computer I installed XP to a virtual machine in VMware. With the original install backed up I was free to experiment as much as I wanted since I could reset it back to normal at any time. Backing up isn't done for you but it's easy enough to just keep a copy of the disk image it creates.

    --
    Hacker Media
    1. Re:VMware by bakes · · Score: 2, Informative

      Even better than copying the image file: take a snapshot. When you want to go back to the clean starting point, stop the VM (don't bother to shut down, just hit stop) and then hit the revert button. Start the VM, continue.

      --
      Ho! Haha! Guard! Turn! Parry! Dodge! Spin! Ha! Thrust!
  15. Some friends and I were just talking... by hivemind_mvgc · · Score: 2, Funny
    ...about http://xpire.info/fa?d=get

    I refuse to make it a link. If you really want to see it, you'll have to copy -> paste it yourself and cut your own throat.

    --
    I support the FairTax www.fairtax.org