Spam bots, keyloggers, porn, adware, Direct Revenue, 180solutions

What do they have in common?  While doing spyware research yesterday, I was hit with a massive download of malware through an exploit and the payload included all of the above.  I blogged in detail at Spyware Warrior about the experience, including a video and logs to document the infestation.  All of the adware was installed without consent or notice. My payload included a keylogger, spam bot, 180search Assistant and a few files from Direct Revenue.  Today Sunbeltblog posted about a similar installation encountered by one of their spyware researchers.  Adware from 180solutions, Direct Revenue, SurfSidekick, BullsEye Network and ShopAtHomeSelect installed in conjunction with a spam zombie and rogue anti-spyware program, all of which started from a child porn site and were installed through an exploit.

This type of massive infestation is becoming more common in recent months just as Webroot's State of Spyware report states on pages 13 and 27.  Who is benefiting?  Certainly not internet users; however the adware companies, the affiliates and advertisers are making money with every install.  Ben Edelman's write up Intermediaries' Role in Spyware is applicable. And let's not forget Investors Supporting Spyware.

In other adware news today, Wayne Porter. blogs at ReveNews about For Whom The Bell Tolls- Tomes of Grey Part I and interviews David Eastbrook of Hurricane Digital Media and asking questions about Direct Revenue's possible connection to a phony ad network that allegedly defrauded Hurricane Digital Media for $54,000. Eastbrook talks about "a vast array of other phony networks, lots of defrauded publishers, and direct ties between the party that hit us and a major "spyware" company."  Paperghost talks about the biggest adware expose and New Media picks up the story.