Spam bots, keyloggers, porn, adware, Direct Revenue, 180solutions

Spam bots, keyloggers, porn, adware, Direct Revenue, 180solutions

Summary: Spam bots, keyloggers, porn, adware, Direct Revenue, 180solutions -- what do they have in common?

SHARE:
TOPICS: Malware
7

What do they have in common?  While doing spyware research yesterday, I was hit with a massive download of malware through an exploit and the payload included all of the above.  I blogged in detail at Spyware Warrior about the experience, including a video and logs to document the infestation.  All of the adware was installed without consent or notice. My payload included a keylogger, spam bot, 180search Assistant and a few files from Direct Revenue.  Today Sunbeltblog posted about a similar installation encountered by one of their spyware researchers.  Adware from 180solutions, Direct Revenue, SurfSidekick, BullsEye Network and ShopAtHomeSelect installed in conjunction with a spam zombie and rogue anti-spyware program, all of which started from a child porn site and were installed through an exploit.

This type of massive infestation is becoming more common in recent months just as Webroot's State of Spyware report states on pages 13 and 27.  Who is benefiting?  Certainly not internet users; however the adware companies, the affiliates and advertisers are making money with every install.  Ben Edelman's write up Intermediaries' Role in Spyware is applicable. And let's not forget Investors Supporting Spyware.

In other adware news today, Wayne Porter. blogs at ReveNews about For Whom The Bell Tolls- Tomes of Grey Part I and interviews David Eastbrook of Hurricane Digital Media and asking questions about Direct Revenue's possible connection to a phony ad network that allegedly defrauded Hurricane Digital Media for $54,000. Eastbrook talks about "a vast array of other phony networks, lots of defrauded publishers, and direct ties between the party that hit us and a major "spyware" company."  Paperghost talks about the biggest adware expose and New Media picks up the story.

Topic: Malware

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • Irony?

    [i]"While doing spyware research yesterday, I was hit with a massive download of malware through an exploit and the payload included all of the above. "[/i]

    Surfing the net while logged on as an admin again eh? I certainly hope you were partaking in this dangerous activity for the sake of reasearch, and not out of ignorance.
    toadlife
    • Re: Irony?

      >> "While doing spyware research yesterday, I was hit with a massive download of malware through an exploit and the payload included all of the above. " <<

      > Surfing the net while logged on as an admin again eh? I certainly hope you were partaking in this dangerous activity for the sake of reasearch, and not out of ignorance. <

      I've seen these types of web-initiated mass infections occur on Win2K PCs while logged in as a Power User.

      The days of spyware needing Admin privs to seriously infiltrate a PC are over.
      crm_z
      • How?

        They couldn't have been activeX exploits, as ActiveX apps simply cannot be installed as a power user.

        How were they infected? What avenue of infection was used?

        Do you have a link?
        toadlife
  • Heh, disgusted, but in a slightly different way

    "Adware from 180solutions, Direct Revenue, SurfSidekick, BullsEye Network and ShopAtHomeSelect installed in conjunction with a spam zombie and rogue anti-spyware program, all of which started from a child porn site and were installed through an exploit. "

    So the adware was upsetting enough to write an article, but the child porn you were browsing was ok? Some people's morals are very interesting.

    ROh
    robert_harmon9
    • Good catch

      I saw that too, but couldn't believe that this person was actually on a web site that provides child porn. I'd like a clarification on that.
      ejhonda
    • Just Wondering?

      How did you know it was a child porn site? Could be that you visit that site?
      marshcam
  • RE: Spam bots, keyloggers, porn, adware, Direct Revenue, 180solutions

    http://www.analogstereo.com/lamborghini_350gt_owners_manual.htm
    jj_forums