More 'Rogue' Trouble for 180solutions
Anti-spyware activist and Harvard Ph.D. student Ben Edelman has just put up another one of his "gotcha" videos that he says documents "rogue" -- i.e., non-consensual -- installs of adware, this one from a Web site getting paid by 180solutions to install its Zango Search Assistant software.
Ben explains in the usual delicious detail:
"I was browsing an ordinary commercial Web site, when I got a popup from exitexchange.com (a major U.S. ad network, with headquarters in Portland, Oregon) . The popup sent me to a third party's Web site. (I'll call that third party "X" for convenience. ... ) Then X ran a series of exploits to take control of my test PC, including using the widely reported WMF exploit uncovered last month." (This was the flaw in Internet Explorer that allows Web sites to install whatever they want on visiting PCs browsing malicious sites with IE. Microsoft patched this flaw last week.)"
"Once X took control of my PC, X caused my computer to install and run 180solutions Zango software, among a dozen other programs. Notably, X fully installed 180's Zango without me taking any action whatsoever -- without me clicking "I agree," "Yes," "Finish" or any other button of any kind."
While Ben's machine was not infected with a bot, this matches the type of trickery the two botmasters I profiled in my recent Post magazine story used to make sure victims had no opportunity to click "no" to decline installation.
From my story:
"0x80 and Majy don't leave computer owners any chance to decline the adware. Once they invade a computer and add it to their botnet, they use automated keystroke codes to order the enslaved machine to click 'OK' on installation agreements."'
The Center for Democracy & Technology, a nonprofit public-policy group in Washington that's leading an entity called the Anti-Spyware Coalition, last month filed a detailed report asking the Federal Trade Commission to sue 180solutions, alleging that the company violated consumer-protection laws by repeatedly failing to prevent rogue installs of its adware products. 180solutions, in response, has said its new anti-fraud technology, which it has dubbed "S3," would prevent such installs going forward after January 2006, when the system was to be put in place.
But according to Edelman's video, X installed Zango on his test machine despite the new S3 protections. Ben says he expects "to provide (and in some cases already [has] provided) this information to law enforcement officials considering action against 180solutions, to private attorneys in litigation against 180solutions." Things are looking darker for 180 by the day.
Posted by: omar c | February 20, 2006 3:43 PM | Report abuse
Posted by: Bk | February 20, 2006 4:16 PM | Report abuse
Posted by: drew | February 21, 2006 12:42 AM | Report abuse
Posted by: Pete | February 21, 2006 2:18 AM | Report abuse
Posted by: Adam Jacob Muller | February 21, 2006 6:52 AM | Report abuse
Posted by: Anonymous | February 21, 2006 10:42 AM | Report abuse
Posted by: Ken L | February 21, 2006 1:17 PM | Report abuse
Posted by: Ken L | February 21, 2006 1:51 PM | Report abuse
Posted by: tweak | February 21, 2006 2:12 PM | Report abuse
Posted by: Mark Odell | February 21, 2006 4:19 PM | Report abuse
Posted by: r | February 21, 2006 8:10 PM | Report abuse
Posted by: Asa Simmons | February 21, 2006 11:01 PM | Report abuse
Posted by: Kaisa | February 21, 2006 11:12 PM | Report abuse
Posted by: nobody | February 22, 2006 2:30 PM | Report abuse
Posted by: Larissa | February 22, 2006 5:42 PM | Report abuse
Posted by: atrivo | February 24, 2006 3:50 PM | Report abuse
The comments to this entry are closed.