Network News

X My Profile
View More Activity

Oprah, KFC and the Great PC Cleanup?

Last week, Kentucky Fried Chicken stores around the nation struggled to accommodate a surge of roughly 4 million new customers, after Oprah Winfrey told viewers of her show that they could get a free meal at KFC by printing out an Internet coupon. By most accounts, the marketing gimmick was a disaster, but it got me thinking about Oprah's sheer ability to mobilize the masses. I wondered: How much badness on the Internet would disappear overnight if Oprah suggested that her devotees download, install and run a set of free PC security scanning tools?

Probably quite a bit, or at least enough to register a notable drop in global spam volumes, malicious software attacks and other activity that depends largely on remotely compromised PCs or "bots" to do most of the grunt work.

Estimates of just how many systems are infected by bot programs vary widely, but even by the most conservative estimates, a similar response by 4 million Oprah viewers could make a huge difference.

Some pundits -- like Google's chief Internet evangelist Vint Cerf -- have estimated the number of comprised PCs at 100 million to 150 million worldwide, or 25 percent of all PCs connected to the Internet. Most experts I know, however, think that number is too high. In a recent report on the Conficker worm, researchers at IBM estimated that roughly one out of every 25 PCs, or 4 percent of all PCs online, was infected with Conficker.

Now, bear in mind that Conficker is just one family of bot programs out of dozens currently being used today by malicious hackers to remotely control infected systems. But for the moment, let's use IBM's Conficker numbers, and assume that 4 million Oprah viewers were to install and run three very easy-to-use programs -- say Superantispyware, Malwarebytes, and Trend Micro's Housecall online virus scanner.

I mention the first two tools because they almost always bring immediate results when someone complains to me about PC slowness, browser hijackers, and other computer maladies. I recommend an online virus scanner like Trend because it is free and does not interfere with any anti-virus software that may already be installed on a participant's machine.

Getting back to the numbers: If 4 million Oprah viewers -- a fraction of her viewership -- were to run these tools -- and just one in 25 respondents found and removed a bot program -- that could potentially clean up 160,000 systems. That's almost equal to the size of the largest botnet in circulation today, the Cutwail botnet, which currently controls an estimated 175,000 computers, according to research by Joe Stewart, director of malware research at Atlanta-based SecureWorks.

Cutwail is closely tied to a family of malware called "Pushdo," which Internet security firm Marshal8e6 says is currently the largest spam botnet on the planet - responsible for more than 27 percent of all spam sent globally each day.

Dmitri Alperovitch, vice president of threat research at McAfee, said he liked the idea, but that it would only make a lasting difference if Oprah dedicated an entire show to helping more people understand basic street smarts about staying safe online.

"It's not enough to do a scan and remove the malware, because unless you educate people not to do the same thing again, it will happen over and over," Alperovitch said.

By Brian Krebs  |  May 11, 2009; 2:35 PM ET
Categories:  From the Bunker  | Tags: kfc, malware-kickin good, oprah challenge  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: ZeusTracker and the Nuclear Option
Next: Pirated Version of Windows 7 Has Malware Built-in


Lots of the recipients of Oprah's message were people at work. Oprah's marketing disaster translated into a strain on all the employer computer networks that had to support the traffic for publicizing, downloading & printing the KFC coupons.

Posted by: benjaminwright | May 11, 2009 3:25 PM | Report abuse

@benjamain -- That's a great aspect of this story that I wasn't aware of. Thanks for the link.

Posted by: BTKrebs | May 11, 2009 3:42 PM | Report abuse

...not to mention the strain on all of their waistlines. Perhaps Oprah can dedicate a show on PC security awareness/healthy eating habits and do us all a favor.

Posted by: steve-o2 | May 11, 2009 4:06 PM | Report abuse

I've recommended this education avenue for years. See:

Posted by: dannyg1 | May 11, 2009 4:35 PM | Report abuse

4 million Oprah viewers? That's too many people with too much time on their hands.

Mobilization of the LOSERS.

Talk about greed? Free KFC and watch all of these folks come running out like cockroaches after the lights go out.

I'll stick with Chik-Fil-A. It may cost a bit more, but it is well worth it.

Posted by: Computer_Forensics_Expert_Computer_Expert_Witness | May 12, 2009 12:38 AM | Report abuse

The story about Oprah jamming up the internet circuits was great. I know it never crossed her mind about it being a problem. She thinks and reacts useing her heart as a guide. Oprah is the most Wonderful Women of the 20 th Centry and I believe she will be also for the 21 st Centry. I wish we had more people like her but they probly broke the mold and said the world only deserves one person like her. I know this is not what you wanted to here, but I sure wanted to print out how I felt. One person can sure make a difference in this world of so much going on in this world today. I sure wish Icould afford to meet her personally, (Oprah is a GREAT LADY)

Posted by: midnitestar007 | May 12, 2009 1:05 AM | Report abuse

>>In a recent report on the Conficker worm, researchers at IBM estimated that roughly one out of every 25 PCs, or 4 percent of all PCs online, was infected with Conficker.

No, that's not what the report said. The computerworld report said that conficker.c controlled 4% of all infected PCs. Note that it puts the botnet size at 1.3 million, which is 4% of 32,500,000, which is also a much smaller total bot population than you estimate.

Posted by: lseltzer | May 12, 2009 7:19 AM | Report abuse

Brain -

I wish you would have done a little more research on this article. The service used to print these coupons can actually be SPYWARE. - So, in fact, Oprah did the exact opposite of what your article was suggesting. Below is the link that describes the flaws in the spyware -

Posted by: Provider | May 12, 2009 8:23 AM | Report abuse

Provider -- I haven't heard any reports of the coupons in this case being spyware. As far as I can gather, there was no software involved. People just needed to print out a coupon from a Web page.

In any even, I think you might be missing the point of this article, which is to say that people like Oprah can have a pretty major impact on security just by giving people some simple advice.

Posted by: BTKrebs | May 12, 2009 9:34 AM | Report abuse

@Provider -- Ah. I see you were in fact CORRECT: That the KFC site DID require the installation of some software to print these coupons. I had not investigated this angle, but it does appear that software from got installed.

Posted by: BTKrebs | May 12, 2009 10:19 AM | Report abuse

The catch is, are most Oprah watchers bright enough to run the software ? Or are the anti-virus vendors software simple enough for the "jane six pack" crowd to find, download, run, and act on whatever the software finds ?

Posted by: k5user | May 12, 2009 10:33 AM | Report abuse

Hi Brian,

I think this is a great idea. I have a few concerns though:

-How does one make the tools easy enough to acquire and use that Oprah's entire viewing audience would not be intimidated about doing so?

-There needs to be a tangible reward for running the tools (Like one gets to print out a coupon for free when the scans have completed). I imagine that many people printed out the coupon for love of free chicken, not for love of Oprah. A clean computer is great, but not immediately rewarding.

-The above brings to mind the issue of do we as security professionals really want to train people to fall into social engineering traps?

Posted by: blankraven | May 12, 2009 1:04 PM | Report abuse

I am usually at work, so I don’t watch Oprah, but some of you people apparently just need a place to, uh, lets say vent. As I am sure some of Oprah’s audience is probably smarter than some of the posters who frequent this blog! Brian’s post today isn’t about eating food, waistlines or the like. The Oprah audience would have picked up on that! And as Dmitri Alperovitch said an hour-long show might help millions, even some of you!!

Posted by: ummhuh1 | May 12, 2009 1:14 PM | Report abuse

Hi BK - actually you *did* have to install some type of software on your computer in order to print the coupon. My wife tried to do this on here limited-rights account on an XP machine. It failed to load with a message saying that you need administrator rights to install the software. When my wife told me what happened, I told her *not* to try to install with administrator rights because either a) the people who wrote the software are incompetent or b) there is some sort of spyware in the program. I don't know for sure if there was spyware or not in the KFC coupon download, but this is really an idiotic thing for Oprah to do - to recommend people install some sort of unknown software on their computers just to get a free chicken leg (or whatever it was).

Posted by: boboran | May 12, 2009 1:26 PM | Report abuse

My family didn't get to participate in the KFC coupon deal when they realized that they'd have to download software that they didn't know anything about, in order to print the coupon. But too many people think it is only about the antivirus/spyware software that they use and not the way they use their computers. Unfortunately, their computers will only get infected and/or hijacked again. ...It is amazing to see how many people were mobilized by Oprah lol! My 87 year old mother called long distance to leave a message on our home phone, that Oprah said to "Go on that internet to get a coupon."

Posted by: Jackson2 | May 12, 2009 3:10 PM | Report abuse

I'd rather she suggest all the viewers take some household chemicals that would lead to kidney failure.

Posted by: Curmudgeon10 | May 12, 2009 3:41 PM | Report abuse

I never got prompted to install any software when I retrieved the Oprah chicken coupon. What I did, though, was to right click on the link and choose "Open in new window" and voila, there was a PDF file to print out.

Posted by: SportzNut21 | May 12, 2009 4:20 PM | Report abuse

Instead of Oprah would it not be even better if the US government would provide free software to Americans to protect computers.

Oops I forgot we must never get in the way of American business and free enterprise. The needs and interests of the American government or American people must never come before the needs to make a buck.

Posted by: bsallamack | May 12, 2009 6:27 PM | Report abuse

Regarding the link in Provider's comment. I submitted this issue to SANS ISC. Not so much because anyone has confirmed the existence of malware in the installed software (in this case,'s couponprinter.exe) but because of the implications of a very high profile media personality making slightly careless software recommendations for companies of dubious honesty, or with grey EULA reputations, such as Real Networks or Gator Software.

Fact is, computer security is not as interesting as tasty chicken and so about all we will get out of high profile moguls for now is stuff like the 60 minutes Conflicker mania.

Posted by: br0dely | May 13, 2009 11:31 AM | Report abuse

Trend Micro's Housecall took well over 15 minutes of allegedly checking my Firefox Browser an 'Platform' and was still not ready to start.

F-Secure's Online Security scan took less than 1 minute to do a browser add-on for Firefox and then probably another 20 to download scan software BUT IT DID tell you what percentage was being downloaded as it went along.

Is there something special about Housecall where one should go to sleep for 1/2 hour while it allegedly checks Firefox and 'the platform?' Is there then another 20 to 30 minutes to also download their search software?

Or did I perhaps do something wrong with Housecall but not with F-Secure?

Posted by: | May 16, 2009 7:49 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company