Adware company DirectRevenue has settled the class action lawsuit brought last year in the state of Illinois. Under the settlement terms,

• DirectRevenue will destroy any personally identifiable information about computer users including Social Security Numbers, bank account information, email addresses, etc. and must no longer collect such information.

• DirectRevenue will force users to affirmatively accept installation of their software and disclose information about the functionality of the software separate from the EULA.

• DirectRevenue is prohibited from installing software by Active X, security exploits or any other method that does not require users’ affirmative consent.

• DirectRevenue will not distribute software at sights targeted to children.

No cash settlement is included for class members, but it allows individuals to file claims against DirectRevenue for damages. Settlement agreement and notice of proposed settlement.

[Via ZDNet -]

A report conducted by the Australian Consumers’ Association found that most new PCs come packaged only with very basic trial (and not up-to-date) anti-virus software.

Most computers connect to the internet and we think all computers should be sold with a full internet security package rather than a couple of months’ protection against viruses and worms.

Considering that it takes only a few minutes to "zombify" an unprotected networked PC, this report underscores a major threat to the security of the Internet - as long as vendors to not provide adequately protected PC to new users, there will always be a pool of proud new PC owners who would provide easy targets to botnet operators.

[Via CNET.com.au, Australia -]

If you are in the vicinity of Washington, DC on February 9th, you might want to check out the Anti-Spyware Coalition Public Workshop: Defining the Problem, Developing Solutions. The folks at the Anti-Spyware Coalition have a great lineup of topics and presenters.

Registration is free for government, education, non-profit, and press. All others should be able to pay $250. I will be attending, and I hope to see many of our readers there. Feel free to drop me a note if you plan on attending.

In a high-profile Windows Metafile attack, users visiting AMD’s website forums started receiving all kinds of anti-virus and anti-trojan notices by their security software. The reason - the forum webpages were modified to include a link to a malicious Windows Metafile image hosted on a .biz site (which are famous for their predominantly non-legitimate use.)   

While not necessarily a hacking attempt, the incident shows how recent Windows vulnerabilities can be combined with relaxed forum posting guidelines to create a wide-scale attack. Reports indicate that AMD’s forum pages have external php scripts that are loaded with the iframe tag in the webpage. One of those scripts, in turn, calls up a 16 kilobyte image called xpladv586.wmf that was being hosted at a *********[edited out].biz, which is a well-known adware site. [CNET has a screenshot]

It is interesting to follow-through on the story and see if AMD would seek any damages against the operators of the site purportedly trying to install adware.

• First, it was the consortium. Then the guidelines came.

The Anti-Spyware Coalition, having as members software and media companies such as Sun, Google, McAfee, has announced standard guidelines for defining spyware and for testing anti-spyware products.

"Few product testers currently document their test samples or methodology," the companies said in a statement. "Many use very small sample sets in their testing environments. As a result, there is no distinguishable benchmark for comparison."

While having some firm standards and benchmarks for comparison is nice, hopefully fighting spyware does not become a lower priority than creating guidelines, definitions, or otherwise red-taping the process.

[Via CNET News.com, CA -]

What a great way to start the new year - a zero day vulnerability in WMF format. And while many of us are enjoying time away from the desks, adware/spyware/phishers are not wasting time and building on the vulnerability.

Websense’s Security Labs alert has a great writeup on how adware vendors are using this vulnerability to install spyware on Windows computers.

Currently the Exfol and Freecat.biz websites are distributing exploit
files that are utilizing the WMF vulnerability, which allows the
un-authorized running of applications. The files are Trojan
Downloader’s which download and run files from the freecat.biz website
and are named: pawn001.exe through pawn009.exe. Upon viewing any of the
MWF files the end-users machines downloads and runs one of the
aforementioned files. The files themselves are designed to install
several pieces of Potentially Unwanted Software. In several cases these
report that your machine has been infected with Spyware and that you
may have security problems on your machine. You are then prompted to
purchase software from one of the affiliates in order to clean your
machine. At this time the current prices we saw was $29 per quarter
year.

It is interesting that the company peddling this software is registered in the Vanuatu (in South Pacific) and the sites are (as of the time of this posting) hosted in South America. Of course, it is possible for a legitimate business to be registered in the Vanuatu and host ouf of South America, but somehow this arrangement has a bad odor.

[Via ZDNet -]

Misrosoft promises that its newly announced "Microsoft Defender" will be able to detect and clean the Sony rootkit installed when a Sony CD is played on a Windows/Mac machine.

Microsoft had to take a side in this dispute, after all other security firms such as Symantec and McAfee have already announced plans to treat Sony’s software as malicious (which it is, isn’t it?) and protect against it. Sony doesn’t have to complain much however; Microsoft’s Vista operating system will have the DRM protection built-into the kernel of the OS so that the Sony’s of tomorrow would not have to make their own weak attempts to write DRM protection mechanisms - Microsoft will give it to them "for free."

Did anyone not anticipate this? Sony is in the crosshairs of several big legal guns. The Electronic Frontier Foundation (EFF) is currently investigating whether Sony’s anti-piracy tactics justify the filing of a class-action suit. In addition, the Electronic Frontiers Italy on Friday filed papers with authorities claiming Sony BMG was responsible for "illicit actions" in Italy and seeks "penal denunciation"  against the company for secretly inserting software into consumer computers.

his is exactly what happens with spyware that gets installed on people’s computers, they have these 27-page license agreements in which you totally agree to let them infest your computer with all kinds of stuff you really don’t want. But it’s all kind of buried in the fine print and I think to allow companies like Sony BMG to do the same thing is heading down a bad path.

- Jason Schultz, EFF

Can anyone help me understand the legal significance of "penal denunciation" under Italian law?

[Via InternetNews.com -]

Spyware lawsuit was filed against 180solutions for allegedly illegal practices including deceptively distributing spyware files and preventing users from removing them, engaging in deceptive misconduct to download its spyware without users’ knowledge or consent, lying to consumers about its spyware, etc.

The counts are based on Electronic Communications Privacy Act/Wiretap Act (United States), Trespass to Personal Property/Chattels, Consumer Fraud Act, Negligence, Computer Tampering and Invasion of Privacy, (Illinois).

At the bottom of page 14, it states "180solutions intended to profit,
and did actually profit from its wrongful conduct by being able to
obtain more adverting money by virtue of being downloaded onto more
computers" and 180solutions knew that its conduct was deceptive and
misleading […]"

Lately, 180solutions has taken steps to buff its image. Just recently 180solutions introduced a new version of its software that was designed to ensure that consumers consent to the product before it’s installed on their computers. 180solutions also sued seven former distributors for allegedly installing the company’s software without first obtaining consumers’ permission; since January, the company has ended relationships with 500 distributors. Even with all this PR (or a genuine effort to reform) - 180solutions is under fire.

Does anyone have a version of the complaint so we can analyze the claims better?

[Via ZDNet -]

Microsoft giveth, Microsoft taketh.

Microsoft may be looking to expand its AntiSpyware tool to detect the remote system monitoring tools known as "rootkits".

It is interesting how while Microsoft is trying to expand its anti-spyware software [arguably] in order to capture larget anti-spyware software market share, it is trying to acquire an [arguably] spyware-making company, Claria. So what will happen? People will trust Microsoft Anti-Spyware for all their protection needs, and Microsoft will open the door wide to Claria-written bugs and pop-up generators. Hopefully I am wrong.

[Via Techworld.com, UK -]

« Previous entries