Russian Firm Pays to Infect PCs with Adware

Jaidev writes "Information week is reporting that a Russian site (IframeDollars) is paying web developers 6 cents for each machine they infect with spyware or adware. One security expert estimates that iframeDollars could collect as much as $75,000 annually from the adware it placed on the infected machines during the third week of May, which cost approximately $12,000 in payments to place"

never a better time NOT to RTFA

[LiquidCoooled]

Never know if the article publisher itself is an affiliate ;)

Re:never a better time NOT to RTFA

[tomjen]

And i who figured, that my freedos box was safe. I mean - it got even fever users than os2.

Re:never a better time NOT to RTFA

[dragonman97]

Um...sorry, I'm reading this in Deer Park Alpha on OS X. ;)

(However, I didn't bother to RTFA, so the only thing that can infect me is the foolish opinions of trolls.)

Re:never a better time NOT to RTFA

[tonsofpcs]

What about my Amiga running lynx? BSD on the DEC-Alpha? 80286 with Arachne? Are they safe from this?!!

--
Silly Windows users.

Re:never a better time NOT to RTFA

http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item =5589153300

MS putting food on other peoples table once again

Eat this, open source zealots.

This story proofs once againe that MS is delivering an infastructure on which other companies can thrive.

Thank you MS!

Hey, Microsoft can spin this

This is Microsoft enabling yet another business to succeed in the ever changing technology marketplace.

Re:Hey, Microsoft can spin this

Nah, Microsoft never let other technology businesses succeed! Hmmm, hang on a sec Microsoft have been busy buying companies in Russia - how do we know this dodgy Russian company is actually owned by Microsoft?!?!? The plot thickens!

Re:Hey, Microsoft can spin this

[AtlanticGiraffe]

Yep. They can sit comfortably on the trophy shelf alongside the huge antivirus, spyware removal and data recovery industries.

Microsoft sure has a unique way of helping the economy.

(On a serious sidenote, though, many governments actually use similar methods to reduce unemployment. Every economist in the world knows it doesn't work, but politicians like it.)

Re:Hey, Microsoft can spin this

[neil.pearce]

Smells of one of those viral marketing games/competitions to me.
Slashdot seems to have fallen for a lot of these recently.

They've got me!

[nyxon]

They've already infected my machine! I keep getting pop-ups for penis enlargements! Help!

Re:They've got me!

[cr3ative]

The good old targeted advertising must be working then ;)

Re:They've got me!

[bmgz]

take the hint, maybe the poewers that be are trying to tell you something ;)

Re:They've got me!

[nyxon]

LOL! They know where I have been surfing... ;-)

Re:They've got me!

[saskboy]

It's not surprising. Organized crime benefits from people having larger penises. At least it stands to reason since they employ big dicks.

Re:They've got me!

[John+Seminal]

They've already infected my machine! I keep getting pop-ups for penis enlargements! Help!

This reminds me of junior high. Someone found their daddys playboy and brought it to school. In the back was an advertisment for "penis enlargment... now the women will notice you!". So me and my buddies kicked in the $49.95 (in 1984 dollars, probably closer to $200 bones today). Do you know what we got back? A peice of plastic with a pump attached to it. And the plastic was so rough, it cut the dick. It sucked. It was the worst money we ever spent. And no, nobody believed the guy who used it before, everyone had to try it out. I just felt bad for the foriegn kid, who used it last. I don't think it felt anything like the goat from India he always talked about (although never admitted doing anything with).

Seriously, it was a $0.25 cent peice of garbage. We left it in the locker room. I think the PE teacher found it, because the next day he was walking like his dick was cut. Very gingerly.

I guess it is something everybody has to try once. It is like owning a pet rock. Some asshole paid for his $10,000,000 million dollar mansion selling people rocks for friendship.

Says alot about our society and how connected we really are.

Re:They've got me!

Of that story I think the most disturbing part was that you all took turns putting the same piece of equipment on your dick.

Re:They've got me!

[Big+Mark]

Come on, this is no place for small talk.

Re:They've got me!

You're getting pop-ups?
Thanks for your testimonial to our other fine penis-related offerings!

Re:They've got me!

[zakezuke]

They've already infected my machine! I keep getting pop-ups for penis enlargements! Help!

It's a sick sad world when you go online looking up camera shops trying to price the cost of enlargements and all you get is viagra, cialis, misc herbs and spices related to penis, smiling bob, and double polaroids.

Re:They've got me!

[GermanShorthair]

What a short post.

Re:They've got me!

[Scootesti]

then maybe you should try picture blow-up? and hope to hell there isn't as much marketing for inflatable companions as there apparantly is for penis enlargement...

Re:They've got me!

[zakezuke]

then maybe you should try picture blow-up? and hope to hell there isn't as much marketing for inflatable companions as there apparantly is for penis enlargement...

"Blow-up seattle" doesn't yield the results I desire. Blow-up picture leads me to "The girls and the blow up doll. picture". I got scared when I reached sheep and rhino.

There is no escape, from the porn.

Re:They've got me!

Of that story I think the most disturbing part was that you all took turns putting the same piece of equipment on your dick.

Good example of reverse physiology, or adolescent stupidity? Well I guess at that age we all want to stick our dick in something. Mmmmmmmm... apple pie. D'oh!

Re:They've got me!

[fat+man+with+a+monke]

I ordered them, and my penis still won't stop popping up

Re:They've got me!

What, somebody saw you at a nude beach?

Re:They've got me!

Jesus wept.

Re:They've got me!

[TheoMurpse]

Yeah, you got that right. I keep getting pop-ups about, "Danger! Your dick is too big! Shrink it to make other guys feel more secure!"

Re:They've got me!

And then I spanked him!

Re:They've got me!

[MMMDI]

A peice of plastic with a pump attached to it. [snip] It sucked. Sounds like it did its job, eh?

Re:They've got me!

[hawk]

In my case, the great shock came when I needed text to wrap around images in latex. It took me a while to figure out why the search engine was coming back with porn . . .

hawk

in soviet russia

[maharg]

spyware pays you to infect it

Re:in soviet russia

[Wazukkithemaster]

oh come on! wheres the bold/stress! In Soviet Russia Spyware Pays YOU to... INFECT... it? or... nevermind

Re:in soviet russia

[StarfishOne]

In Soviet Russia, infections frame you!

Re:in soviet russia

In Soviet Russia, YOU pay to have spyware infect yourself.

Re:in soviet russia

[sud_crow]

I never get this joke about soviet rusia, i think is the only one left in ./ i still dont get... is there any chance someone explains this to me?

Re:in soviet russia

[kryptkpr]

Sure.

It was all started by Russian-board comedian Yakov Smirnoff.

The original (and most funny version) of this joke was "In California, you can always find a party. In Soviet Russia, the Party can always find you!".

I think it was the family guy episode that really popularized it though.. read the wikipedia article I linked for more info.

Re:in soviet russia

[sud_crow]

Thanks. And yes, it seems the funnier version i've seen.

Re:in soviet russia

[SomeGuyFromCA]

"now with firefox, you have tabbed webbrowsing. in soviet russia, webbrowsers would have kept tabs on YOU!" /is so so sorry

Re:in soviet russia

[smokeslikeapoet]

Yakov Smirnoff appears regularly in Branson, MO. USA where he has his own comedy club. A soviet defector, ironicaly his career of poking fun of the Soviet Empire died with it.

When spreading malware becomes this obvious

it needs to be dealt with in a very obvious and unsubtle fashion. The owners if iFrameDollars should be killed, publicly and very bloodily as should anyone who works for the company. This might not satisfy strict due process guarantees (OK, it doesn't) but on the other hand these guys are scum and it's not as if we need a trial to prove this. Killing everyone at iFrameDollars will have the salutary effect of making other idiots who are considering this sort of thing think twice, or perhaps even three or four times about it, before they embark on something so odious.

Re:When spreading malware becomes this obvious

I would say declaring full scale nuclear war on Russia is fully justified it these people are not subjected to a public hanging - drawing and quartering highly recommended.

The KGB must know how to deal appropriately with these people

Re:When spreading malware becomes this obvious

[swschrad]

the russians will understand your post.

nobody else will accept it as a viable option.

we need a compromise here... perhaps on the order of "kill all the spammers, but pray for their souls."

Re:When spreading malware becomes this obvious

[Tim+C]

You'd kill over something like this? Get a sense of perspective.

Re:When spreading malware becomes this obvious

You'd kill over something like this? Get a sense of perspective

Where fat lazy spammers are concerned, believe me killing them is the appropriate solution - wouldn't want them breeding further now would we? DIE SPAMMERS DIE. Especially the arseholes running Claria Corporation - oh wait my mistake Claria aren't spammers as they website says they are good unstanding citizens ! All we need now is for a tech to enact out the plot of "falling down" but at Claria's headquarters:

"An unemployed IT worker frustrated with the various spammers he sees in society, begins to psychotically and violently lash out against them".

Infact I can just see the quotes now:

You think I'm a thief? You see, I'm not the thief. I'm not the one charging 85 cents for a STINKING Vigra. You're the thief. I'm just standing up for my rights as a consumer.

Spam Gang member 1: Well then I guess I'm gonna have to read it for you. It says this is fucking private property. No fucking trespassing. That means fucking you.
Frustrated net user: It says all that?
Gang member 1: Yeah.
Frustrated net user: Well, maybe if you wrote it in fucking English, I would fucking understand it.

Spammer: We're the same, you and me. We're the same, don't you see?
Frustrated net user: We are not the same. I'm an American and you're a sick asshole.

Re:When spreading malware becomes this obvious

You should try to see the bigger picture. It's about saving the animals. Instead of sites where people remotely control weapons to "hunt" animals, have users pay to shoot spammers, illegals crossing the border, etc.

It's a win-win situation. An innovative business profits, and the feds get additional income tax and hunting license revenue. And then we still have countless potential uses for the bodies!

Re:When spreading malware becomes this obvious

> kill all the spammers, but pray for their souls.

Spammer's have souls?

http://evil-guide.tripod.com/career.html (at bottom)
http://evil-guide.tripod.com/

Re:When spreading malware becomes this obvious

Who the fuck modded this insightful? Are you all a bunch of fucks? Ya can't run around killing people. Ya just can't. Sick fucks!

Re:When spreading malware becomes this obvious

[mbius]

The owners if iFrameDollars should be killed, publicly and very bloodily as should anyone who works for the company.

I'll give you six cents apiece.

Re:When spreading malware becomes this obvious

No, in Soviet Russia, spyware authors kill you.

Re:When spreading malware becomes this obvious

[Stupendoussteve]

They'll be the first against the wall when the revolution comes...

Amateurs!

[serutan]

6 cents per machine? Hah! Our outsourcing group could get it done for 4 cents.

Re:Amateurs!

[John+Seminal]

6 cents per machine? Hah! Our outsourcing group could get it done for 4 cents.

But your help hotline would be in India. No thanks!

Spammer: Hello, this is 30 year old shit in parents basement calling. I have infected 4,000 machines but only credited with 500.
CallCenter: One moment, very sorry, read off sheet. Okay. Thank you so very much for using SpamInfect. We can help you.
Spammer: Okay, about those machines I was not credited with.
CallCenter: So very sorry. Very, very, very sorry. I sure it fixed soon.
Spammer: So, are you going to credit my account or what?
CallCenter: Yes, we credit right now. Right now. All better. Now you go to www.infectspammertoo.com for your reward.

Re:Amateurs!

[Florian+Weimer]

Yeah, it's pretty amateurish because they don't have a WebTrust seal, unlike MarketScore.

Re:Amateurs!

[Iriel]

Then again, while I get the joke, you have to think about it for a moment. When a company is paying people to slowly infect/break (depending on the malware) computers, do you really think they're honest enough to hand out checks? It's all connected man. I'm already looking over my shoulder for The Man...

Everybody is satisfied!

[MikeDX]

# Everyone is welcome to join the iframeDOLLARS.biz partnership program
# Earn $0.055 ($55.00/1000 installs) and more for each unique iframe installs
# You only put the short one line iframe code on your page(s) and start to MAKE MONEY
# WITHOUT any Active-X console or any pop-ups...It means that you will not lose your unique visitors with our iframe!
# The best percentage of installs (10-40% from the total traff or it's $4-$15 FOR 1000 UNIQUE VISITORS)
# DAILY updated soft
# We have 3 reliable servers with excellent speed
# Payments every Tuesday
# Real-time statictic of your work
# Payment via: Fethard, Webmoney, Wire and E-gold
# More than 150 webmasters work with us
# Friendly support service
# Everybody who works with us is satisfied.

Does this "everybody" include the people whos pcs get infected with this shit? How long before this becomes more widely known or more common place... and will joe public do anything or care? no. The only chance we have is when the next windows "more money, better computer needed edition" comes out..

Re:Everybody is satisfied!

[Rakshasa+Taisab]

No, they explicitly said "Everybody who works with us". The people who get their PC's infected arn't working with them.

Re:Everybody is satisfied!

# We have 3 reliable servers with excellent speed

Only 3? what are they IPs? so I can block them on my squid... :)

Re:Everybody is satisfied!

[Paco23]

# We have 3 reliable servers with excellent speed Probably not for very long.

Re:Everybody is satisfied!

[ArsenneLupin]

Does this "everybody" include the people whos pcs get infected with this shit?

Yes. You see, once their PC is infected and slow as a dawg, they'll go and see their cousin (or friend, or neighbor's son, or ...) "who knows stuff about computers", he looks over the mess, and gives them the only sensible advice: "Install a real OS!".

They do, and their computer will not only be more secure, but also faster, more reliable and much cooler in general. Without iframeDollars.biz, they wouldn't maybe have bothered. So iframeDollars.biz can indeed claim the achievement of having brought them to the joys of Linux!

Moreover, nowhere it says that you have to install that iframe code on your own website. So go out an search for random vulnerable .asp sites, and convince these too to upgrade to a more secure platform! Everybody wins!

Re:Everybody is satisfied!

[Elshar]

I'd be suprised if the people they managed to infect even noticed. Or cared as long as their machine was running. Hell, as long as you don't take a damned sledgehammer to their machine, they could honestly care less as long as they:

- have access to their porn
- can play solitare/hearts/freecell/minesweeper
- get & write email
- open the internet
- do some 'work' with word/excel

I cant wait...

[Wazukkithemaster]

For the obligatory "In Mother Russia..." comments. but how many of the first thousand will be moderated funny? or how about-- dare i say-- insightful? But its alright... they are, after all, obligatory

Re:I cant wait...

[Physician]

"In Soviet Russia" not "In Mother Russia"

Re:I cant wait...

But its alright... they are, after all, obligatory

As, it seems, are 'Insightful' posts complaining about them.

SANS Internet Storm Center already reported this

SANS Internet Storm Center reported this issue more than a fortnight ago.

Obligatory post

[zebadee]

In Soviet Russia Adware pays you!

Tracking?

[Mad+Merlin]

How do they track this? I guess their malware/adware calls home as soon as it strikes a target. Perhaps there's a possible weakness in this in that you could just keep infecting a VM and then restoring it to a good image again. Think they'd be smart enough to notice something odd about a million infections from the same IP?

Re:Tracking?

[Karzz1]

It probably just uses the referre log. For those unaware, most websites can see where their traffic comes from in their logs in a field known as "referrer".

Re:Tracking?

As usual in the ad business, they pay for unique "contacts" only, so repeated infections reported from the same IP don't count.

Don't try to fool Russian crime. They have the experience and don't like being played.

There is another reason why people need to learn that its best to steer clear of shady practices. The web never forgets and if you're not found out today your deeds will still be recorded and associated with your name in the future. Unless you've accumulated enough money by then, you will have ruined your future.

Re:Tracking?

[Mad+Merlin]

If that's the case, then it'd be even easier to spoof, just `wget http://www.evilwebsite.com/malware32.exe --referer=http://www.freemoneyforme.com/` ad nauseam.

Re:Tracking?

[MP3Chuck]

I'm sure they're aware of what sites are actually using their "services"...

Re:Tracking?

[fuzzybunny]

The web never forgets

Tee hee, the Mossberg 590/A1 12-gauge, Remington M1911, S&W .40, SIG-Sauer P-226, Glock .45, KAR-31 and LG-08 in my closet also never forget. :-)

Re:Tracking?

[matt+me]

>I guess their malware/adware calls home as soon as it strikes a target.
Yes, but not over port 80. So (reading today's news) you'll be safe in Islington!

Re:Tracking?

[mikael]

They would probably consider one IP address as a single sale.

You could try spoofing false IP addresses, but they would probably be smart enough to have a three stage handshake to make sure the IP address actually existed. Not forgetting checksums to ensure that the whole package was installed. They would probably have this happen every time the machine was switched on/off, in order to know which systems were available for use. And they would probably wait a whole week until they were certain the malware was installed successfully.

Re:Tracking?

[Panda_McElroy]

Killing people is funny.

Re:Tracking?

As usual in the ad business, they pay for unique "contacts" only, so repeated infections reported from the same IP don't count.


Hack it to spoof a response from 0.0.0.1, 0.0.0.2, 0.0.0.3, etc.

Re:Tracking?

[Lehk228]

stop typing with your nose, you got an extra 'ny' on the end

Re:Tracking?

[rsynnott]

Use open proxies, then :)

Re:Tracking?

[SeventyBang]

"referrer" isn't a reliable piece of data. Most experienced web developers know this and most inexperienced web developers start posting questions after hours of frustration because they can't make use of it in their web services or they can't log the data as part of the project specs.

Besides, it's not that tough to spoof.

Re:Tracking?

Frauders use public and hacked proxies found on sites like this one http://tools.rosinstrument.com/proxy/ to hide their identity and use multiple IPs.

Or they could get an AOL dialup account and have access to millions of ambiguous AOL IP addresses.

Re:Tracking?

[Ugly+American]

Killing people is funny.

Killing is such a harsh word... I prefer "unsubscribe with extreme prejudice."

Re:Tracking?

[fuzzybunny]

No. Killing people is bad. It's naughty. You should have learned in school, as I did, that it ranks up there with lying, cheating, bullying and unscrewing sugar shakers so they pour all over peoples' food when tipped.

But boy, it's a good thing spammers, spyware authors and virus kiddies aren't people, isn't it?

So much for our time

[AtlanticGiraffe]

The price of your hours spent trying to get rid of that annoying adware from your mother's WinXP box:

6.1 cents.

Re:So much for our time

[fermion]

Tell me again why macs costs so much?

I know it is not perfect, but no activex, and it is very easy to make whatever browser you want the default. Maybe pay for opera? Not to mention set permissions so she can never install anything, and still have everything else run.

Get the Firefox users!

1. Code up a cool extension
2. Throw in some code for this
3. Spread it around
4. Profit!

First post....

This is the kind of thing that should be illegal. I mean, it's just blatantly...evil *puts on flame retardant suit* (as for mispellings, I've been up for 45 hours). When are people just going to all in all make these things illegal? (and no I don't mean some crappy worthless legislation, I mean a point where if adware/spyware is what your company profits from, youre done, DONE). There has to be SOME common sense...come on...please? People have to stand up and give these companies the big middle finger. I'm a libertarian, I believe in free market, but I really really hate worthless parasites.

Re:First post....

[Alex+Belits]

1. US government passes a legislation that destroys a profitable business model.

2. Saudi Arabia develops a housing program that involves building a large number of igloos.

I would rather bet on the second one.

Re:First post....

[Tsunamio]

I'll take that bet. The US (or any other) government doesn't like profitable business models that attack other, even more profitable business models. Napster may have been making a profit, but that doesn't mean the folks in Washington liked it. And that was something that most voters approved of!

The US government really doesn't like profitable business models from other countries that depend on slowing down our economy (say, by installing malware on all our computers).

Re:First post....

I'll take that bet. The US (or any other) government doesn't like profitable business models that attack other, even more profitable business models.

Yes, and in this case, the even more profitable business is Microsoft. So affiliates beware! Can anybody recommend which of the 4 payment methods they offer is the most reliable (i.e. untracable...). I guess it's pretty clear that it's not Wire.

Probably not Fethard either, it's too openly promoted as a "money laundry solution" (so even though transfers within the Fethard network may not be traceable, the transfer from Fethard into your bank account may arouse suspicion... Fethard does support Western Union, but that's not foolproof either: in normal circumstances, WU ask for an id...). Moreover, Fethard seems to rely on a checkkey.exe program, which forces you to run Windows yourself. Not good, you don't want to hoist yourself on your own pethard, after all...

Which leaves Webmoney and E-gold.

Re:First post....

[Lehk228]

wouldn't it be great if checkkey.exe was a logic bomb, and the whole thing is set up to just fuck over greedy asshole webmasters?

Re:First post....

It's not a buisness model, it's terrorism...like everything else...and therefor no new legislation is needed. Bush will just mandate his way to destroying the axis of evil.

Isn't capitalism great?

This is just normal free market activity. If people thought it was bad, they wouldn't pay for it! In the old USSR you could never have these kinds of wonderful opportunities.

Re:Isn't capitalism great?

[Phixxation]

"This is just normal free market activity."

Are you serious? Would you consider a bank robbery "Normal Free Market Activity" of the banking industry? This isn't market activity, this is, dare I say it, on the verge of criminal. Since when did exploiting and hacking (that IS what these people do) become acceptable, as long as its done under the pretense of "Marketing" or other business related activity? Can I incorporate here in Iowa for $35 and start exploiting away, all in the name of "Free Market Activity"?

Re:Isn't capitalism great?

>Would you consider a bank robbery "Normal Free
>Market Activity" of the banking industry?

That is already defined as aberrant, and forbidden by law, so it's a poor example.

>dare I say it, on the verge of criminal.

The "verge" of criminal is still legal... Do you want laws to specify what's illegal, or do you want laws that suggest a fringe where you get to decide yourself?

If you don't like that it's legal for Russians to do the things in the article, you need to either persuade Russia to change their laws, or you need to persuade the lawmakers in the US to do it for you.

Re:Isn't capitalism great?

[AtlanticGiraffe]

This is "normal free market activity" in the sense that government shouldn't do anything about it, as opposed to violence, where the government should intervene.

Of course, there's nothing "normal" about compmany A making lousy software, company B using that lousy software to sneak in even worse software and company C charging big bucks for cleaning up the whole mess.

It's just that it's up to us, the geeks, to fix it.

Re:Isn't capitalism great?

[Phixxation]

Well said. :)

Re:Isn't capitalism great?

[James+in+Iowa]

No this is not normal market activity. The people who are installing spyware are not taking into account the costs it imposes on the people who own the infected computers. This is the same reasoning for why government's should be intervene for things like pollution or building public roads.

Re:Isn't capitalism great?

[hhawk]

If banks didn't have LOCKS and they basically
left the money out were people could take it, then yes, bank-robbing would be part of the normal business model..

The real problem being that people THINK by using MS software, AOL or whatever that they are some how protected.

Look in a few years for MS to say:

a) we are the best
b) we have tried everything we could do
c) we are failing
d) the country is at great risk
E) we need TRUSTED computing..

Re:Isn't capitalism great?

[Phixxation]

I agree, but lack of a lock, or lack of a WORKING lock is not part of a "Normal Business Model". Ignorance of the masses doesn't make it "Normal" for a maliceous company to subvert what little security the bank (or computer) may have.

My point is that because of the complexity of computer hardware and software, combined with its increadible proliferation, makes it very easy for these companies to use their marketing "tools". If they were legit, they woulden't need to "pick the lock". I think we're arguing over terminology here... Security is part of a normal business model, I agree, but unfortunately the general masses are relatively ignorant in regards to this very problematic issue. Until we educate them, they're going to fall prey to this kind of attack. However, it still doesn't make it "Normal" or "Okay" for a BUSINESS to actively exploit the property of others.

Re:Isn't capitalism great?

[SacredNaCl]

Exactly.

Having a window in your home is an exploitable vulnerability, its vulnerable to my mag-lite and/or brick tool. Because this exploit exist doesn't give me the right to use it to break into everyones home that has a window.

Re:Isn't capitalism great?

in the sense that government shouldn't do anything about it

Huh? Companies that put sneakily put their programs on another person's computer that do things the owner didn't agree to isn't a crime?

Re:Isn't capitalism great?

[arkhan_jg]

I can break into your house just by smashing a window. If you ever get burgled, I can just claim "Well, if he didn't want me breaking in he should have had steel shutters over his doors and windows with bank-grade locks." Then the police say "that's alright then, no law broken here, hhawk shouldn't have thought that a glass window was adequate protection against being burgled."

Would that be a nice society to live in?

Windows isn't very secure, which is a reason not to use it; but that's still not justification for people hacking into it, and getting away with it.

Re:Isn't capitalism great?

>Are you serious? Would you consider a bank robbery "Normal Free Market Activity"

Well, you might want to consider that ever since the ancient greeks the god of thieves is the same as the god of trade and commerce. Hermes in greek times and later Mercury in the Roman period.

Re:Isn't capitalism great?

[hhawk]

Agreed.

But your analogy is flawed.. it's not someone who smashs my windows. Everyone knows that's possible, and hopes their neighbors will "hear" it and call the police..

It's more like having a house w/ a lock, on the front door or back door and your key works and only your key works, then some day someone shows up, touches the lock in some special way (control-alt-delete, types in Administrator and no password) and gets entry to your house..

Or its like your home builder telling you this is the most secure house he/she ever built and then every night when you go to bed your hear noises but it takes a while to figure out all the kids in the area are having a party in your basement every night because the home builder left some "trap doors" as well as just some flawed construction around the foundation..

Re:Isn't capitalism great?

[hhawk]

The point is here, any person born in the last century or so, understand glass can easily break.

But does the average person understand how fragile or easy to hack some locks are?

The point being that MS Windows from the non technical computer user prospective is highly secure and is made by the best, smartest most innovative computer company in the world!! Plus they have that "auto update thing that is always
asking to restart the computer.. and now a firewall thing that stops some sites from poping up." So it's my computer secure? How can clicking on some ad, really damage my computer?

Prevention

[kschawel]

First of all, this exploits holes that already have patches on Windows systems:

The code exploits a number of patched Windows and Internet Explorer vulnerabilities, including some that go back as far as 2002. Systems that haven't been updated would be vulnerable to the exploit.

So patch and you'll be fine. Second, if you don't want to patch, you can just block this company's IP:

According to the Internet Storm Center, companies can prevent the downloading of adware and spyware from iframeDollars' servers by blocking the IP address 81.222.131.59.

Re:Prevention

[Jeremy+Erwin]

According to the Internet Storm Center, companies can prevent the downloading of adware and spyware from iframeDollars' servers by blocking the IP address 81.222.131.59

Blocking? That's kid's stuff. I'm willing to pay standard rates for successful installation of my DDOS client...

Re:Prevention

the ip is useless, these people change ip's everyday (a $dig@ the site will expose that)

also they are just installing windupdates trojans which is registered in Canada
follow the money and all is revealed

Re:Prevention

[Baron_Yam]

So what if everyone here started clicking here?

Is it morally acceptable to launch a preemptive strike when you absolutely, positively know the bastard is attacking you? Given that I get a timeout when I click on that link, I'd guess many people have already said, "Yes".

Re:Prevention

[Baron_Yam]

Oh, and since going to iframedollars.com or iframedollars.biz takes you to 195.95.218.170 and not the address mentioned in the parent post, you might want to click on the link above a few times as well.

Re:Prevention

Is there a patch that prevents:

"Would you like to install this program?, Click yes or No". I can not speak for this specific piece of adware but many times, the hole is the user, not the software.

I actually start and run IE as a regular user. Can't do much installation of third party software that way even if you wanted to.

Re:Prevention

[suitepotato]

What we need then is an app, probably to be written on Linux (what else?) and we could call it Slash'em or SlashDotThis. All it would have to do is contact the site acting like a web browser, identify itself as IE running Win and do the usual http get process as if someone were browsing. And do it again. And again. Multiply by a few thousand Slashdoters and we could put them down and keep them that way. How would they tell if we're spoofing or actually browsing? What are they going to do? Block almost every subnet and provider out there? Limit it to AOL's space?

Re:Prevention

[Baron_Yam]

What would be really scary, would be a GPL, cross-platform, voluntarily installed app that pulls a list of currently approved targets from a hatelist and does its part in a DDOS campaign.

As long as it came with fairly small bandwidth and transfer caps, I'd run it.

The legal issues would be somewhat interesting.

Re:Prevention

[radish]

Judging by what's happening for me right now, putting a bogus id in the form to the left of that page hits their server rather hard. Hasn't come back yet and it's been over a minute. Doesn't increase their hosting costs, but maybe we can cause a meltdown in the database ;)

Oops, I appear to have just started 20 request threads on their app server. My mistake.

Re:Prevention

Yes, it would probably be unkind to do something like repeatedly loading the biggest graphic in their page, using this convenient piece of shell script:

while true; do wget http://iframedollars.com/_img/top_sign.gif; done

Re:Prevention

Lycos already did this, and it was an expensive legal mistake. Check google for details.

Re:Prevention

And who said giving greedy fucks what they want is a bad thing.

Can't see a better use for the "Slashdot" effect.

Re:Prevention

[brxndxn]

Why don't we just take this to the next level and have us Slashdotters patrol the web like ants.. Any time there's a verified site doing crap like this, we all hack it, bring it down, track the people involved, torture them, kill them, donate their bodies to science, take their money, and donate it to open source-related initiatives?

And, we'll have it be anonymous.. so we'll see threads like 'Anonymous Cowerd +5 Informative: Ya, found the bastard and poured gasoline all over him and lit him on fire. He should be dead by now.'

Re:Prevention

[Strepsil]

If load is your goal, then rather than a bogus ID, it seems slightly more amusing to enter "%" - the SQL "match everything" wildcard.

Looks like the contents of that field are thrown directly into a query string. Takes quite a while to come back with;
"Warning: readfile(http://213.159.117.133/dl/stats.php?adv=a dv0): failed to open stream: Connection timed out in /home/users/81.222.131.59/stats.php on line 47"

Re:Prevention

[mtenhagen]

It looks like their server is not compatible with ApacheBench after 500 request's the server denies access. Maybe people where benchmarking their servers regulary.

Re:Prevention

"Oops, I appear to have just started 20 request threads on their app server. My mistake."

That's okay. It's an easy mistake that anybody could have made. No, really, *anybody* could have made it.

By the way, 0 and -999 also seem to be interesting ID numbers:

"Warning: readfile(http://213.159.117.133/dl/stats.php?adv=a dv0): failed to open stream: Connection timed out in /home/users/81.222.131.59/stats.php on line 47"

Other numbers respond promptly, but these ones take a looooong time to come back with an error. Either they aren't being filtered out before being passed to the database, or they are smart enough to wait a while for any client sneaky enough to try such bogus values.

I hope they appreciate the free debugging services that /. offers. Their server should be pretty robust once they fix those bugs.

The Real Question is...

[kingofalaska]

The question I thought of is: how much will be paid for adware/spyware removal tools, and who will profit?

I say this because just last week I helped a friend set up his new HP machine, and noticed that it came bundled with 30 day trials of Norton firewall/AV, some anti-adware, and some antispyware. I replaced all three with free/OS versions. But many users don't know about this, don't know where to get it, and don't know how to use them. In fact, removal of these 'trials' was a pain, even for me.

KOA

Anchorage, Alaska Will Host National Policy Meeting on Technology

Re:The Real Question is...

[moranar]

I think I speak for all of us (at least, all the people not affiliated with this) when I say:

FUCK! Stop it, you lecherous thieving bastards! Enough already!

This has been a cry of impotence. Thank you for your attention.

Re:The Real Question is...

[zienth]

Why do you think Microsoft is getting into the anti-virus business? First they single-handedly created a multi-billion dollar market for anti-virus software by creating an OS that's about as secure as cheesecloth, and now they're going to jump in and make more profit by selling anti-virus software.

It's like a contractor building a house with a leaky roof, and then selling you a tarp to put over it.

I wish the internet backbone sites would all block traffic to and from IframeDollars. Hmmm, but that's a slippery slope. Next week someone not quit as bad will show up, and where do you draw the line at who to block and who to let be?

Keith

Re:The Real Question is...

[voixderaison]

Is the tarp made of cheesecloth? *ducks*

Re:The Real Question is...

[ZosX]

This has been a cry of impotence.

Well clearly someone isn't getting the ads....

As a service to the slashdot community I have included what I feel to be the best spyware removal tool out there. Please install the following attachment, it will remove all of your spyware and make your computer a friendly place again!

Have a nice day!

[attachment deleted: virus safely removed]

NO CARRIER

Dell installs spyware too

Dell does it too

check it /me waits for the class action

THOSE BASTARDS...

[Aaron+Pannell]

those vicious, heartless, bastards!

Capitalist Russia

[Colin+Smith]

Hey look! The free market, Russian style.

Re:Capitalist Russia

[dmitri83]

come on, it was not us who invented capitalism.

Re:Capitalist Russia

[cas2000]

> Hey look! The free market, Russian style.

yeah, they haven't yet learned the secret of not-really-free market capitalism from the americans. when they do, they'll be lobbying governments all over the world to require all computer users to have spyware installed, and make it a crime to remove it....and having their government threaten trade embargoes or excessive tariffs or, in extreme cases, military action against any nation which refuses to comply.

Yes, it is

Seriously, I'll take a little adware here and a little spyware there over the Gulag every day.

Capitalism finds expression

[truckaxle]

It is nice to see the russians embracing capitalism so well. Adam Smith smiles broadly...

Re:Capitalism finds expression

[chevyorange]

You're right, I am smiling!

Adam Smith

Re:Capitalism finds expression

[Trumped]

Russia doesnt operate under a capitalist system. Capitalism implicitly protects private property and has a strong rule of law. This is *not* the case in Russia. Something that economists will rarely admit, is that when communism fell, what Russia needed was *not* economists, but lawyers. The lack of a rule of law is the cause of much of Russia's economic woes.

In Soviet Russia...

Slashdot posters nevermind YOU!

Is this illegal? If not, just the effect of market

[icemax]

If adware and spyware is not illegal (although nobody here would argue it is ethical), and there is some monitary value for each PC infected, it was only a matter of time that offers like this would become public. Hopefully market competition will force down the value of each infected PC, making these schemes less inviting.

Thinknerd.de Story from 28. May 2005

Hey /. do u write history book or news site? Please mod it with Score 5 funny because of bad english
http://www.thinknerd.org/?q=node/view/1281#comment

Yay for capitalism.

[Gordonjcp]

Great work, guys.

That's lowball....

[kawika]

The going rate for a US computer is more like 15 to 20 cents. Other countries go for as little as 1 or 2 cents. Cash4Toolbar is installing its stuff through some blogspot.com blogs (IE users beware) and some really cute social engineering, but several others are seeding infected files on BitTorrent.

more info and breakdown of its behaviour

here

Well, I am split on this issue...

[THEUBERGEEK]

As a tech support agent that works to remove this crap from the machines of those brave enough to call me, I have to hate these bastards with a virulence that borders on psychotic.
But I also have to thank them for the job security, afer all if they did not do this I would be uneeded and would have to go get a real job.

Re:Well, I am split on this issue...

amen to that

Where to now ?

[morcego]

I was wondering where we are going from here.
SPAM, Pay-for-xploit. 99% of the web content is pretty much useless.

Is it possible to claim back the Internet ? Somehow, I don't think so.

Re:Where to now ?

[stubear]

"Is it possible to claim back the Internet ?"

Yes, eliminate anonymity on the Internet. Stop allowing spoofed IP, MAC, and e-mail addresses.

Re:Where to now ?

[morcego]

There is no such things are anonymity on the Internet. Never was.

There is always ways to track others, specially they are connecting directly to you.

"Stop allowing" ? Who ? Me ? Oh, you mean everyone ? Well, if we could get everyone to patch, follow the correct procedures, and simply "do thing right", we would not have this problems, hum ?

So, I take you are agreeing with me there is no possible way to claim back the Internet, is that it ?

Re:Where to now ?

[fuzzybunny]

You might be interested in the latest DailyDave mailing list traffic--there was a pretty long discussion about exactly this--essentially an exploit auctioning and licensing model.

Re:Where to now ?

[jfengel]

99% of the web content is pretty much useless.

That may be, but you don't visit 99% of sites, and you don't visit them randomly. The thing with the web isn't how much crap it has, but how much good stuff it has: amazon for buying stuff, cnn.com and myriad others for news (slanted any way you like), and a bazillion cool toys that you can find with google.

So basically I'm not certain the Internet is in any need of being reclaimed. Yeah, there are an awful lot of jerks out there. Most of them stay away, publishing rants in their blogs. A few want to break into your computer, and that's a problem, but one that anybody who reads slashdot should be able to manage. For the rest of them, the problem is getting better: Windows does manage to get more secure over time, and the alternatives (linux, mac, Firefox under Windows) are either more secure or at least smaller targets. Spam is also a problem, one that's not solved yet, but filters help (as does taking care with your email address).

There are plenty of reasons to despair in the world, but the Internet isn't one of them.

Re:Is this illegal? If not, just the effect of mar

[Tim+C]

Well, here in the UK installing stuff on my PC without my consent would be illegal under the Computer Misuse Act. I'd be amazed if there wasn't a similar law in your jurisdiction.

Bottom line - I doubt very much indeed that this is legal in most countries.

Re:SANS Internet Storm Center already reported thi

And the IWeek article reports on their findings, what's your point?

It just doesn't suprise me

[jurt1235]

Nothing else to say about it.

Are major PC OEM's eligible

[team99parody]

If so, I sincerely hope they sign up, and pass the savings on to me.

They already install all sorts of expensive crap I don't want on my machine (windows, office, etc) - at least if they installed this, they could pass on the savings (instead of the cost) to me.

Re:Are major PC OEM's eligible

[spectre_240sx]

Ummm, most of the major PC OEM's already install spyware on their computers and I seriously doubt that they're doing it for free. Why do you think Dell can give away $399.99 computers?

microsoft will put this company out of business

by installing their own spyware in longhorn

Use of affiliate program business as normal

[NathanBFH]

This isn't really all that suprising. Business is business, whether it's black, gray, or white market. Affiliate programs work, why wouldn't adware businesses use this method to spread their product? It's interesting to see some estimates on their revenue, however. At first I read the slashdot summary and thought they were talking about $75,000 revenue annually and was surprised that anyone would even bother making adware for such pittly money. But the 'Aha!' moment came when I reread it and saw that's the estimated revenue for one-weeks worth of business. Damn, not too shabby.

Just Don't Look! Just Don't Look!

[Valacosa]

Is there any way for a firm to make money off this, other than selling products through said spyware?

If not, why don't we just convince people not to click on those "3nh4|\|ce j00 p3_n15" ads that pop up onto their screen?

Oh yeah, if the unwashed masses were that smart telemarketing would have been killed the same way. Nevermind. Every medium of commuinication will continue to be exploited for advertising as long as the ads work.

"Well sir, advertising is a funny thing. If people stop paying attention to it, pretty soon, it goes away."
- The Simpsons, Treehouse of Horror VI

Re:They've got me! - or maybe....

I keep getting pop-ups for penis enlargements! Help!

Are you sure that aint your girlfriend sending you messages again? Oh wait this is slashdot... oh never mind!

Not only in Russia

[AwenAnam]

Recently I was contacted by a friend of mine in the United States who wanted to hire me as a programmer to develope an email borne virus with a certain advertisement payload for one of his clients.

I graciously declined the offer.

Re:Not only in Russia

[HardCase]

Recently I was contacted by a friend of mine in Nigeria who wanted to hire me as an intermediary to help him claim one million dollars from his father's bank.

I graciously declined the offer.

Re:Not only in Russia

Get a new friend.

That's not someone you want any known record with - eventually a person like that is going to do something stupid, and then you'll be on his contact list when the FBI etc. start calling around.

Re:Not only in Russia

[kmmatthews]

Good friends you got there.

Re:Not only in Russia

[SpaceLifeForm]

Bill will probably contact you again. He has the cash.

Re:Not only in Russia

[jZnat]

I graciously declined the offer.

I kinda figured as so since you didn't post as AC...

I will pay

I will pay 6 cents for every employee of this Russian company you murder.

Re:I will pay

they are actually a canadian company 180solutions who own CDT who own loudmarketing who own windupdates.com whos software is the actual stuff that gets installed, iframedollarz is just a middleman

Re:I will pay

I'll raise that to .30 for every employee!

Re:I will pay

Then it's 4 cents.

Igloos in Saudi Arabia?

[kingofalaska]

"2. Saudi Arabia develops a housing program that involves building a large number of igloos."

That is a safe bet, as Igloo simply means house. It doesn't mean 'house built of wind packed snow'.

KOA

Anchorage, Alaska Will Host National Policy Meeting on Technology

Re:Igloos in Saudi Arabia?

In Inuit the word "iglu" not "igloo" means house, however the parent-poster wasn't speaking Inuit. The parent poster was speaking English, and in English the word "igloo" means "an Eskimo house built of blocks of snow and ice in the shape of a dome for temporary purposes".

Re:Igloos in Saudi Arabia?

Did you post in English or Inuit?

There you go.

Paying for infection

[rajats]

I think if clients are paying after a host gets infected then it may not be a very good strategy because (I'm n ot sure about this) most spyware removers work after infection...don't they? So the infected hosts may not *stay* infected.

Re:Paying for infection

[lintux]

That might be the reason why it only pays six cents per machine... It could be more if all the installations would generate revenue.

Re:Paying for infection

And by the time somebody actually scans and removes it (maybe a week or more later) the spyware has already stolen all your personal data, email addresses (most spyware ppl are big spammers too), and whatever else they can think to steal for more profit :)

wrong IP

; <<>> DiG 9.2.2 <<>> @192.168.0.1 iframedollars.biz any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;iframedollars.biz. IN ANY

;; ANSWER SECTION:
iframedollars.biz. 600 IN SOA ns.iframedollars.biz. hostmaster.iframedollars.biz. 2005053101 600 300 600 300
iframedollars.biz. 600 IN NS ns2.iframedollars.biz.
iframedollars.biz. 600 IN NS ns1.iframedollars.biz.
iframedollars.biz. 600 IN MX 10 relay.iframedollars.biz.
iframedollars.biz. 600 IN A 195.95.218.170

Re:wrong IP

[Baron_Yam]

I haven't read enough of the writeups, but perhaps the first IP is the 'phone home' IP used by the spyware?

In any case, it'd be nice to DDOS their web server, since we can absolutely, positively be sure the bastards own that. If you can confirm the first IP leads to one of Iframedollars' servers, I say DDOS that too.

Honeypot browser

[tgibbs]

So what we need is a "honeypot browser," that represents itself to a website as an old, unpatched copy of IE--but doesn't actually install the spyware. Then we could log in over and over, costing the spyware company money each time.

Re:Honeypot browser

[fuzzybunny]

"we" have it. It's called VMWare.

Re:Honeypot browser

So, somebody just write a program that sends GET requests with a spoofed IP address in the header.

Re:Honeypot browser

The browser likely needs to be spyware infected, and I'd bet that spyware reports back to the owner.

Tor or IP Spoofs + VMWare

Re:Honeypot browser

[SacredNaCl]

Apparently these folks can be reached at:

ICQ: 291994264

and

traff@mail.com

I sure wouldn't want anyone spamming them, or contacting them with complaints and wasting their time like they waste mine having to remove their garbage...

Re:Honeypot browser

[Michael+Spencer+Jr.]

From what I've read, the spyware has to actually be installed and call home for people to get credit.

So what you're describing can still be done, but it's trickier.

First, get VMware, a vulnerable copy of Windows, VNC, and a VNC record/playback program like rfbproxy.

Install a vulnerable version of Windows onto a VMware machine, with at least host-only networking. Install VNC with *no password*. Shut down the virtual machine. Change the virtual machine's disk to an undoable disk. While you're at it, change VMware's settings so VMware runs at low priority. Restart the virtual machine and boot Windows again.

When the VM is booted and ready, but still has never connected to the Internet, pause the VM and quit VMware.

Copy the VM's directory to a backup location.

Open VMware again, and resume the paused VM. Connect a VNC client through rfbproxy to your VM. Using VNC (which is now recording your interactions) use the VM to connect to the target web site and trigger installation of spyware. Once your system has calmed down, such that it's likely the spyware installation is done, disconnect VNC. rfbproxy has made a recording of your VNC session, which you can play back from the command line.

Now we're ready to set up the loop. Here are the loop steps:

Copy your VM backup over top of the VM's normal directory. This will return the VM to its "just-booted, never been connected to the net" state.

Use a VMware command line to immediately load and resume that VM. Note the VMware PID somewhere.

After a delay, run an rfbproxy command line which connects to the VMware machine over VNC and plays back your mouse/keyboard inputs.

***while you're waiting, the VMware machine is being infected with the same spyware, one more time***

After a much longer delay, kill the VMware PID you stored earlier.

End loop.

It seems like this attack could be easily defeated if the people running this program just filter out non-unique IPs. Adapting these steps to connect to a dynamic-IP dialup account is an exercise left for the reader. :-)

What do you think? Not evil enough?

Re:Honeypot browser

Funny you should mention that... Honey Monkey Project

Re:Honeypot browser

[DurendalMac]

I just signed the bastard up for newsletters from fistmyass.com and sheshuge.com. Let's see how he likes tubby bitches and gaping cornholes.

LoudCASH?

[Refrozen]

LoudCASH! a "reputable" company does the same thing? There is nothing wrong with ADWARE, spyware is the bad stuff. All adware does is, well, show ads.

Fucking Russians

They're worse than spics. Thank jeebus that we got Alaska from them.... or we would've have even more drunk subhumans trying to cross our borders.

The web never forgets...

[Leffe]

I will never forgive you, Anonymous Coward!!

Re:The web never forgets...

The data to connect my name, my address, my bank account, my hobbies, etc. to these comments exists on machines over which I have no control. I could name the paths which connect these snippets of information. They are spread over different companies right now, but that doesn't mean they will never be joined and analyzed. The utter insignificance of these comments probably means that nobody will ever care enough to single out this data association, but it still exists.

Re:Is this illegal? If not, just the effect of mar

[tcgroat]

According to analysis done by the SANS Institute's Internet Storm Center, the exploit drops at least nine pieces of malicious code--including back doors, other Trojans, spyware, and adware--on any PC whose user surfs to a site that hosts the exploit code.

Trojans and backdoors are already illegal. This isn't a mere pop-up generator or search redirector, it is about cracking security and getting unauthorized access to the entire system. Any "affiliate" in the USA who distributes this code is begging to be prosecuted.

Important message to Slashdot editors

[atomm1024]

Make sure you edit out any mentions of Russia from article summaries. That can only lead to at least half of the comments being lame Soviet Russia jokes.

This is not a battle, this is a war!

[Oracle+of+Bandwidth]

ok, how do we go about blacklisting these guys, their affiliates, and everyone they ever loved (Kidding on the last one)?

Boris Badenov, working for Meester Big?

So Boris Badenov, working for Meester Big, has gotten into the Spyware/AdWare space. Help us, Rocky & Bullwinkle!

-- Professor Jonathan Vos Post

Re:Is this illegal? If not, just the effect of mar

[BlogPope]

I suspect they only care if its legal in Russia, and then perhaps only a little.

Re:SANS Internet Storm Center already reported thi

SANS Internet Storm Center reported this issue more than a fortnight ago.

I wouldn't get within a furlong of them.

Deal with the cause not the symptom

[MarkByers]

It wouldn't work - even if you removed one company, others would appear.

How about hitting stupid users over the head repeatedly until they click the 'install critical updates' button...

Then impose heavy fines on the companies that create security-hole-ridden software and charge extortionate amounts to upgrade, despite that the software is a necessary component of most people's systems. They should be forced to provide free security patches for the entire lifetime of the product, or else a free upgrade to the next version.

Re:Deal with the cause not the symptom

[Dorsai42]

Rinse and repeat until the desired effect is achieved.

Re:Deal with the cause not the symptom

[cas2000]

> How about hitting stupid users over the head
> repeatedly until they click the 'install
> critical updates' button...

idiot users are only partly to blame. the real problems are the idiot programmers and idiot managers and idiot marketing droids at microsoft who are responsible for the crap code in Windows.

clicking the "install critical updates" button doesn't do any good if there ISN'T an update to fix a bug....and even when there is an update, it often doesn't fix the underlying problem, it just
patches one particular instance of a recurring bug so that it is hidden or difficult to exploit. eventually, a new exploit will be discovered for the SAME BUG.

Re:Deal with the cause not the symptom

[Al+Dimond]

How can this be modded insightful? Just about all software has bugs and much software can be exploited somehow. Can the upgrade cycle be harsh and expensive? Sure, but it was somebody's choice to install particular software for their security-critical application. If it doesn't meet their needs, maybe they should switch (another harsh and expensive process).

Re:Deal with the cause not the symptom

[Geekbot]

Eh? The answer is to attack people that have been hacked? Let's make sure we understand what is going on. A Russian Mob is paying to have American computer's hacked and infected. We've dropped some bombs in the middle east over less than this. I think a flock of bombers ought to make these guys reconsider.

Think of it this way:

[daviq]

The Russians aren't threatening to launch missiles at us anymore. They've moved to a less destructable medium, while taking advantage of stupid Americans.

Gives new meaning to...

[mmarshall]

In [...] Russia, addware infects YOU!!

Easy fix.

[Ph33r+th3+g(O)at]

Follow the money. Find out who's receiving the payments, extradite them if they're outside the U.S., slap them in irons, put them on trial, and off to pound-me-in-the-ass prison. This sort of problem won't be solved without a credible deterrent.

Re:Easy fix.

[Vegeta99]

How is what they do illegal? The users still have to agree to it, conniving or not.

Re:Easy fix.

extradite my ass

why not just get team america if you wanna police the world? fucking americans.

Re:Easy fix.

Because American justice, if you can even get it, is too fucking slow. We need one of those countries that if the right people are paid off, 'justice' happens quickly.

Changed opinion

[theantidote]

Before I got my job I would've been peeved about this. But since I got a job at a computer shop to fix computers and remove spyware, well this just means more money for me!

Re:value your time.

Moderators: Please note that "twitter" is a known fanatical sycophant whose obnoxious offtopic rants are legend here on Slashdot. It doesn't matter what the topic is, he'll find a way to scrape in some pointless Microsoft bashing. While nobody expects us to love Microsoft in any way, his particularly tepid style of calling anyone he replies to "troll" or "liar" or "fanboy" because he happens to disagree with whatever they're saying is well documented and should not be rewarded. If anything, twitter is the type of person that should not be part of the open source/free software community. He is an anathema to all that is good about free software.

I'm posting this so that you (the moderator) have some context to consider twitter and not mod him up whenever he posts his filler preformatted rants about installing Knoppix or Mepis or whatever that unfortunately get him karma every single time and allow him to continue posting his trademark toxic crap (read on) day in and day out. You may consider this a troll - I consider it community service. And I ain't kidding.

If you're a /. subscriber, I invite you to look through some of his posting history. I guarantee that you'll be hard pressed to find someone that is more "out there" than twitter. You'll also probably notice he's got quite an AC following. Don't just read his posts, make sure you go through the replies.

To get an idea of what I'm talking about, check this post out. This is an article about email disclaimers. The parent of the post is complaining about the ads in the linked page and so on, and twitter actually goes off on a rant to blame it on Microsoft and recommend Lynx, because "is teh free".

Here's another. In this post twitter not only calls the OP a troll but attempts to "tell it like it is" while making some vague argument about "GNU". Yes, if you're confused, you're not alone. The reply (modded +4) proceeds to simply destroy his bogus argument. You will notice he did not reply. This is what some people call "drive-by advocacy". A sort of I'll just leave you with my thoughts here and move on to the next flamebait kind of deal. In fact, he almost never replies because he knows that his fanatical arguments simply do not hold up to any sort of discussion. It's not that he's chosen the wrong cause - he's just going at it in a completely wrong way.

Here's that drive-by advocacy and FUD in motion: twitter goes on about some topic and then drops the usual "oh and M$ is teh evil" because "WMP phones home" or some such. Called on his FUD, he then claims that WMP stores every song and movie you've ever played in a file, somewhere. Pressed further, he just sort of slithers out of sight, his FUD-spreading complete. This is not about some Microsoft technology that nobody likes anyway; it's about lying for the sake of lying. Way too many of his posts are exactly like this one.

More? Just read though this post and the subsequent replies. I guess this stands on its own. Or these two. Or this one. Or this one.

Still not convinced? This is what twitter considers "humour" while going about his daily "M$" routine.

Only chance?

[Create+an+Account]

The only chance we have is when the next windows "more money, better computer needed edition" comes out.

How about installing a $30 home router using NAT, Firefox, Thunderbird, and a common anti-virus client? Total cost less than $100, maybe two hours.

Alternatively, install Linux, Firefox, and Thunderbird, snicker quietly to yourself, and enjoy. Total cost $0, couple hours to figure out/configure Linux.

The good old what if OSS is used for evil question

[bogie]

Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource in /home/bestc/dl/stats.php on line 16

Warning: mysql_free_result(): supplied argument is not a valid MySQL result resource in /home/bestc/dl/stats.php on line 23
Today is: 12 June 2005 03:00
adv11890
DAY

UNIQS

LOADS

LOADS %

UNIQ LOADS

UNIQ LOADS %

DOLLARS

Íîâîñòè:

Ñ 2 ìàÿ ïîâûøåíà öåíà çà 1ê çàãðóçîê äî 61$

Ñ 4 àïðåëÿ ïîâûøåíà öåíà çà 1ê çàãðóçîê äî 55$

Ñ 9 ôåâðàëÿ ïîâûøåíà öåíà çà 1ê çàãðóçîê äî 50$

Ñ 24 ÿíâàðÿ ïîâûøåíà öåíà çà 1ê çàãðóçîê äî 45$

Ñ 22 íîÿáðÿ ïîâûøåíà öåíà çà 1ê çàãðóçîê äî 40$

Ñ 11 îêòÿáðÿ ïîâûøåíà öåíà çà 1ê çàãðóçîê äî 35$

Ñ 4 îêòÿáðÿ ïîâûøåíà öåíà çà 1ê çàãðóçîê äî 32$

hit em where it hurts!

I noticed that the fools don't have a script-protection form on their signup page (http://iframedollars.com/sign.php) would any of you scriptkiddies mind hitting them for me? :)

The story left out one very important detail...

[ArsenneLupin]

It didn't answer the question: "Where do I sign up?". I've got a couple of thousands of windows users to teach a lesson to, and if I can make some moolah in the process, so the better!

Re:MS putting food on other peoples table once aga

[Ravatar]

All of these exploits have been patched by Microsoft already. It is the responsibility of the end-user to keep their OS up-to-date. For those too inept, Windows XP SP2 "automatic update" feature is decent i've heard.

In Capitalist USA,

[noidentity]

Microsoft charges YOU for infection with Windows.

Re:In Capitalist USA,

[vandit2k6]

Hahahhahah SO TRUE. Spyware found: WINDOWS. Immediately delete C:\Windows folder.

complexity, working locks, exploitative businesses

[voixderaison]

I think you've touched on an interesting point worth exploring further. The complexity of these systems makes it difficult to figure out what's legal and what's not legal, leaving a big grey area. Much Adware and Spyware presents the user with a dialog box:

[ lots of fine print nobody reads ]
[ OK? ]

So technically, the user agreed to get pop-up ads for penis enlargement and mortgage refinancing and downloading all the trojan spyware buddies and I don't know what else because I don't run a Windows computer.

There are quite a few exploitative industries, and they pre-date the complexity of home computing and Windows and Adware and Spyware.

Rent to own? Circumvented credit laws allowing the company to, in effect, charge higher than legal interest rates to low-income consumers.

Televangelism? Exploited the home bound and lonely and sick by showing them television of people (pretending to be) healed. This was the pioneer for staged "Reality" television, and frankly I'm surprised that it took so long (decades) for the television industry to apply the basic business model to popular television (cheap to produce, add some "Scripted Assisted Reality" drama, advertise, and whammo! Dollars flow in without exploiting the poor and the sick.

The modern credit card and mortgage industries present even more complex examples. They have successfully lobbied themselves into a position where the laws are extraordinarily complex, and allow them to perform all manner of exploitative business practices that are perfectly legal. Bought a house lately? Do you have *any* idea who really paid how much for what in that stack of papers?

None of this requires exploiting the complexity of home computers. In fact, in a sense one might consider the wild west nature of marketing via spyware on the home computer to be inspired by these other industries, which pre-date these companies by decades.

One last wild hare thought... Adware and Spyware are also great equalizers, in the same way as the dot com types viewed the internet. This massive market of insecure home systems based on Windows allows *anyone* to get into a money making business with very little overhead.

One could ask the rhetorical question: why is it OK for established multi-billion dollar per year industries to first create and then exploit legal complexity, but it's not OK for budding entrepreneurs in economically disadvantaged nations to set up an, ahem, advertising company.

Work from home! Watch the $$$ roll in!!!

Catch

The only catch is that it's not an "install" unless the installed spyware has called home to the spyware company.

Dude...

... relax.

I used to get pissed off at stupid people. You, apparently, are obsessed with this guy. I count about 30 links there. I don't do that much research on topics I'm genuinely interested in.

This guy's an asshole. We noticed this after the first 5 links. We can either become completely obsessed with kicking him off /. (which is arguably censorship), or we can accept the fact that there will always be assholes around.

Re:Dude...

[Mycroft_VIII]

Don't worry, it's a canned response. It get's posted after about 1/2 of 'twitter's' posts according to a random sample.
This AC is everybit as much an anti-twitter nut as twitter apears to be an anti-ms nut.
Just ignore them, they're both the same.

Mycroft

It's only illegal if you're caught...

Any "affiliate" in the USA who distributes this code is begging to be prosecuted.

Not if he follows some elementary rules of safety:

• Hotmail e-mail addresses
• Payment via (Fethard and ) Western-Union
• Don't put the iframe code onto your own website (D'uh...). There's enough IIS/ASP/SqlServer sites out there for the taking. And that way, you not only teach desktop users that using a secure OS is important, webmasters get the same lesson!
• Oh, and before I forget: every Web access related to your new business (reading/sending hotmail, scheduling Fethard payments, acquiring new ASP sites) needs to be done via an open proxy

Reload Every

[Yolegoman]

use Reload Every with a custom reload setting of 1 second, type in a fake ID (as the parent said), and tell Reload Every to resubmit the post data every request.

I love this.

Re:The good old what if OSS is used for evil quest

[ArsenneLupin]

Hmm, but that is what they're doing really evil? After all, they're only attacking Windows boxen... Or does their iframe 'sploit also work against Konqueror or Firefox?

If I had a dime...

[hobotron]

For every machine I've cleaned spyware off of, I'd be making money both ways.

Just like cigarettes..

[Ricardo]

Without getting too off topic, this is basically what cigarette companies do, except to people.

I think they make something like 6 cents per cigarette.

I don't see that being outlawed, they just cut a deal, where they paid some cash they had lying around/will have lying around, and had to promise not to blatantly advertise to children (in Western countries).
http://news.bbc.co.uk/1/hi/world/47858.stm

I wonder how long that would last if tobacco only grew in Russia.

Re:Just like cigarettes..

No, you are way off base here.

This would be like what cigarette companies do IF:

The cigarette companies paid someone to strap a cigarette to your face and force you to smoke it and you then had to pay a specialist to remove the cigarette from your face.

Which would not be tolerated if tobacco grew in Russia or America or anywhere else for that matter.

Your analogy is stupid, try again.

Mod parent up

[anubi]

Although I have a modpoint, I'd rather post in defense of my parent, who is presently modded 'Troll', and give up any moderation power I have in this thread.

He gave us an informative link to another company doing the same thing... paying webmasters to place adware.

Check out his link and see. Its a disgusting concept. But its out there.

I believe Refrozen deserves better than being slapped with negative moderation for presenting the link to us.

Re:Mod parent up

[anubi]

I know its poor form to reply to one's own reply...

This post presented a vexing moderation problem to me.

Thing number 1: Refrozen presented a very informative on-topic link.

Thing number 2: Refrozen also stated nothing wrong with ADWARE, which to me is a very inflammatory troll.

I consider ANY intrusion and placing of stuff in my machine as malicious mischief, much as I would view anyone coming onto my property and leaving painted ads... aa well as a theft of my time to witness ad and time required to remove it.

Whether they flip bits or leave paint, they have still altered my property - and stolen my time.

No way can I condone adware like this - I think about all of us here consider it at least malicious mischief.

So how do you moderate an informative flamebait?

SUE!

[bluGill]

At least in my area that would be considered sexual harassment. Get a lawyer and sue them. The only downside is you have to live with every radio station in the world (or at least the US) telling everyone that you have a small penis and are offended by it. If you are happily married this shouldn't be a problem. (though a good marketing weasel could sell smallness to the girls)

Re:SUE!

[Feztaa]

Sell smallness?

"Yes that's right ladies, all this pleasure and it stores compactly right between the comfort of his legs. No embarrasing bulges in the pants, even with a full erection! All this and less for just $99 99 99!"

Tell the FBI

[bluGill]

It is illegal in the US to misuse a computer. I'm not sure what the exact details are, but that isn't your problem. It is illegal to enter into a contract to do something illegal. Depending on circumstances, it might be illegal to know someone is attempting to commit a crime, and not tell the police. For all of the above reasons you should inform the police about this. They might not do anything, but you should get some file number so you can prove you tried anyway.

In some cases they will ask you to enter into this contract - for purposes of gathering evidence. Be careful if you do, though in general you should.

Way to Go

[TheoMurpse]

And this is why things like the Can Spam Act will never work, and are merely wastes of taxpayer dollars.

In Soviet Russia...

[10scjed]

Adware Pays You!

This solves the Underpants Gnomes equation!

Phase 1: Make meaningless website to attract Slashdot crowd
Phase 2: (formerly "?") Infect machines during slashdotting
Phase 3: PROFIT!!!

Re:MS putting food on other peoples table once aga

[Doc+Ruby]

And when your car has recall-worthy defects several times a week, it's your responsibility to scan the newspapers for the alert notices. And spend several hours a week in your mechanic's garage, while they fix them with you. It's all OK, because it's on the automaker's tab, right?

Re:Honeypot browser twice as sweet

If you get this working a dynamic IP, be sure to register an account with them so they pay you for reinfected your home system...

Ah, what a bunch of cynics...

This is a great business strategy. Evil, but great. It's almost like the old banner ad companies that paid the user for displaying a banner on their computer, except it's on a per-computer basis rather than a per-minute one.

There is, however, one possible outcome that no one has considered yet:

Once word of this gets out, it might actually motivate people to switch to something more secure. After all, something like this is like putting out a bounty for susceptible computers. People don't like it when someone is visibly making money at their expense.

There's no viable alternative on the PC for computer-illiterate people, though it would be a good time for someone to invalidate this statement, but there's always OSX. It wouldn't be too surprising if people began switching.

I Think The Point Has Been Reached...

[gloriouslyjon]

...where frustrated and ticked off sysadmins will find these people, hang them from the nearest lamppost/tree with barbed wire nooses, blow up where they work (after taking the computers, that's good hardware!), sow the ground with salt, then piss on it a few times. Either that, or there will be a company that builds honeypots just for the job of luring away software like this.

Re:Prevention - Try entering 'WHERE 1=1

The good old 'WHERE 1=1 gives

The total payment
last week was:
$11890

and a big hang on the rest of the page.

So have I selected the SUM() of all their sales, or has something else happened?

communitarians, provincials, farm boys

[Senor_Programmer]

it's the big town bazar...
for every way to make a buck, there will be some who are willing to exploit
it's got nothing to do with the form of government or business
Enron, the restaurant that doesn't charge sales tax on cash purchases, adware-spyware, ...that's life. Even the good old CCCP had its share of off books trading at all levels of 'controlled' production. Does anyone remember the nicked IBM XT and AT boards that were sneaking out of reclamation?

Why IframeDollars is Russian?

[verbovet]

ICQ number 291994264 and the address traff@mail.com belong to Alex Zemlickas from Lithuania.

The iframedollars.biz registration is, obviously, fake:
Vasiliy Pupkin
Online service
Bolshaya street
Lumumba
123456
Haiti
+1.23456789
welcome@abuse.com

Re:Why IframeDollars is Russian?

Because Vasily Pupkin is a classic metasyntactic name in Russian. (Sort of John Doe)

Re:Why IframeDollars is Russian?

[verbovet]

And "Bolshaya" means "Big" in Russian. Of course, the owner speaks Russian, all Lithuanians speak Russian. I fail to see from what it follows that the firm is Russian. Moreover, I doubt that there is a firm. Most likely a Lithuanian guy.

When can I pay for safety?

[dougTheRug]

The original idea of cable TV in the US (for those of you old enough to remember) was that you paid each month, but had NO COMMERCIALS. When can I start paying spyware companies to *not* infect my computer? That would seem a rather Russian type of solution to this problem.

Ha?

[noamsml]

I thought that by "misusing a computer", they meant "doing somethng against the interests of the rich people who bribe the congress".

Re:Ha?

[bluGill]

Maybe, maybe not. However the point is to protect yourself in case the FBI does take interest. When the FBI will take interest (it is unlikely they will, but they will place your report in a file, and if they take interest latter this may help the case) they cannot get you on any aiding and abetting charge.

Re:MS putting food on other peoples table once aga

[BeatRyder]

Aside from the fact that he can't spell worth spit, and as much as I want to flame the crap out of that AC, he does have a point. Now before you all start to flame me, I am a die hard gentoo user, a recent convert from MS Windoze. I switched due to the reasons in this article (spyware/adware). Now to my point. Yes Microsoft should have done better, but the fact is they don't care. As long as they keep putting out a new OS, and removing backwards capability and "legacy" features from the newer versions, the general public will eat it up. I am not a m$ fan at any level, but to make jokes about how a BSD or Linux box is unaffected, while its true, is somewhat misguided IMO. I have recently been doing some research on the topic, and I have found that ANY OS is vulnerable. If a person wants to go to a website, and it requires they install an activex control, no matter what you teach them they will click "ok". Anyone here who has ever had to teach their (grand)parents how to use a computer will know what I am talking about. So is it FUD to thank MS for building a platform that we can all profit from? Me personally, I hope they stick around for a while, fixing their mistakes is my bread and butter. Logically one could assume that if/when linux becomes as main stream as m$, it will be under attack in much the same way m$ is now. I feel it should be noted that OSS is not as safe as some people would like to think it is. I installed Firefox on my grandparents computer, and within a week, I found that "MyWebSearch" has apparently written a toolbar for Firefox!! Which is also notably difficult to get rid of.

Re:MS putting food on other peoples table once aga

[Feztaa]

Well, bugs are inevitable. Humans are fallible, software is made by humans, thus software has errors. Some software more than others ;)

The moral of the story is, no software release can ever be perfect. If patches are available, what more can the software vendor possibly do? At some point it has to be the user's fault for not being patched. Are we to fault the software vendor for not forcibly installing updates onto everybody's PC?

Why would anybody do this?

[Feztaa]

For just 6 cents per infected PC? I run a relatively low-traffic website and I make more than 6 cents per click on my google Adsense ads (in fact I'm averaging around 14 cents per click).

The sad thing is that this works on an economy of scale, and it's easier to infect a windows PC by simply viewing a website than it is to convince people to click on a targetted contextual link that has a half decent chance of actually interesting the viewer.

Re:Why would anybody do this?

>I make more on my google Adsense ads
>(in fact I'm averaging around 14 cents per click).

The miniskirt girl on the corner is averaging about 50 dollars per dick.

Re:MS putting food on other peoples table once aga

[Doc+Ruby]

Good engineers don't design for perfection. We design for fault-tolerance. Microsoft's architecture allows, some say encourages, bugs to persist. Auto-update patches should be core to their OS, and their apps should all use it. But even with that architecture, lots of MS patches are undesireable (XPSP2 is notorious, as were several for W2K). It doesn't have to be the user's fault for not patching - sysadmin is not their core competence, and MS doesn't make it easy enough that it will be. MS produces a system with problems that users can't be expected to surmount. That's the fault of MS, which started it, and which is the best place for change to fix the problem.

These guys are low

They, or somebody installing the code for them, found an exploit in the servers at the web hosting company I use. They inserted the line in everybody's home page back in April. I don't know for sure how long it was there but I'm still checking the pages regularly to see if it's come back.

Re:MS putting food on other peoples table once aga

[Ravatar]

Cars don't have their own mechanism to automatically check for defects from the manufacturer, and repair them while you sleep. Your comment was completely irrelevant.

Re:MS putting food on other peoples table once aga

[Doc+Ruby]

No, cars have other ways to protect users from needing to be mechanics. And the autoupdate systems for computers don't really work, or we wouldn't have this thread in which to discuss it. Just because you don't understand the metaphor, or the problem, doesn't make my comment irrelevant.

Re:MS putting food on other peoples table once aga

[xtracto]

+1 Insightful

Also, when something wrong happens to the user because of a car fault, it is possible to seek compensation from the car manufacturer, cars are not sold "AS IS" wtf is that "AS IS" term in software?? if I buy a hammer and when hammering the head flies and hit me I surely will rant to the manufacturer... "AS IS" lmao

Twitter: Life and times of a petulant cock-gobbler

Twitter, you're a petulant cock-gobbling sycophant to Linux Torvaldyos! Quit taking DP from ESR and RMS's feculent cocks and why don't you try to stop sucking quite so much? Get out of your parents' basement and see the real world - maybe then you'll see how pathetic you sound, with your neverending stream of bullshit about how Microsoft is stalking you. Wasn't it you who said that Microsoft believes your insane ranting is actually a threat to them, so they PAY PEOPLE to reply to you on Slashdot? No sir, I don't get any money. I do it for the love. Someone has to go up against your paranoid whining. So get back in your cage and shut the fuck up already.

Re:MS putting food on other peoples table once aga

[Ravatar]

Cars do not have ways to protect users from recall-worthy defects, otherwise what would the point be in a recall. Please take a moment to understand the metaphor before you use it. This thread discusses people who do how automatically update their systems, so it does really work when the user allows it to.

Re:MS putting food on other peoples table once aga

[Doc+Ruby]

You started out saying that MS has already patched all these exploits, so it's the users' fault if they're unpatched on their machines. I compared those machines to cars. If they had recall-worthy defects several times a week, like the serious security holes in MS products, and were treated the way MS treats them, then we'd be scanning the newspapers several times a week for the recall notices, and spend several hourse a week in a garage with our mechanics. Sure, manufacturers would actually be "recalling" the cars, so that scenario wouldn't happen. But software doesn't get recalled, it gets patched. That's what a metaphor is for: to let you think of an unfamiliar scene in terms of a familiar one. If we had to patch our cars several times a week, it would be an outrageous burden on us. It's no different for computers. Except that Microsoft apologists like you are determined to accept it.

You really are annoying. First you call my comment irrelevant, now you're insulting my use of a metaphor. All because *you* are incompetent to understand a simple metaphor, because you are determined to disagree with its clear implications. Drop the charade of authority, under which you flatter yourself by issuing directions to me to stop commenting. How about you get your head out of your ass, before I listen to a word you say?