Two anti-spyware programs are better than one

Learn to Remove Spyware With Free and Available Programs! Click me

By BILL HUSTED

Cox News Service

Q: We have installed SpyBot Search & Destroy on our computer. But we recently read that after installing and running one anti-spyware program, a different one should be installed and the scan re-run. This seems to us to be unnecessary and possibly could cause a problem.

- Lorlee and Russell Hoff, Dayton, Ohio

A: Congratulations on making your computer safer and faster with SpyBot. It's an excellent - and free - anti-adware program (available at www.download .com).

Actually, there is an argument for using two separate anti-spyware programs.

These programs use a database of information about known adware and spyware programs to identify threats. That's why it's important to update the program regularly so it can recognize threats that came along after you installed the program. But even with a program that is updated regularly, it's likely there are some threats not in the database.

By using two programs, you increase the chances more threats will be recognized. In most cases, there are no conflicts. But I can make no promises about that.

Q: Yesterday I purchased a 42-inch plasma HDTV, and the salesperson suggested getting a $300 surge protector called Monster Power HTS 1600 Power Center. Is this necessary?

- Ray Matulis, Atlantis, Fla.

A: There's a pretty good argument for devices that filter AC power. I took a slightly less expensive option, a UPS, that is actually better. Just as I protect my computers with an uninterruptible power supply, I've added one to my HDTV.

Whether you decide on a surge protector or a UPS, make sure it's powerful enough for the job.

eSoft Gateway Anti-Spyware Protects Against Spyware Delivered Via Email

Learn to Remove Spyware With Free and Available Programs! Click me

April 11, 2006 (12:00 PM EST)
PRNewswire

BROOMFIELD, Colo., April 11 /PRNewswire/ -- eSoft, Inc., a leading vendor of integrated Internet security and content management solutions, announced today the availability of its latest Anti-Spyware update, which offers enterprises protection against Spyware delivered via email attachment as well as those downloaded from websites.

"According to Webroot's most recent State of Spyware Report, malicious Spyware threats increased by over 200% in 2005," said Jeff Finn, president and CEO of eSoft. "We continue to see increases in Spyware activity linked to criminal behavior. These Spyware threats installed by unaware end users come through a variety of delivery methods including via email attachment and bundled in free downloads Today's update protects our customers against these threats, regardless of delivery mechanism."

At the Gateway, eSoft combines signature matching, intrusion prevention and web filtering techniques to detect and prevent Spyware from infecting the network, whether delivered through website, email or any other delivery mechanism. eSoft also detects infected computers on the internal network and blocks them from sending private data to Internet collection sites.

Availability

eSoft updated Gateway Anti-Spyware is available for both InstaGate and ThreatWall appliances immediately. More information can be found at http://www.esoft.com/products/softpak_gwas.cfm .

About eSoft Inc.

eSoft is a leading provider of integrated Internet security solutions offering organizations of all sizes unparalleled protection from dynamic Internet-based threats. eSoft's award winning InstaGate(TM) and ThreatWall(TM) platforms offer high-performance Deep Packet Inspection security services including Firewall, IPSec VPN, Anti-Virus, Anti-Spam, Anti-Spyware, Intrusion Prevention, Web Content Filtering, Email Content Filtering and even Web, Email, File and FTP servers. eSoft solutions are based on purpose-built hardware platforms and optional security software modules called SoftPaks(TM), which are distributed and maintained through eSoft's patented SoftPak Director(TM) technology. Overall, the eSoft solution offers the IT manager extreme simplicity and flexibility when deploying and managing network security, resulting in less time demands on IT staff, a reduced need for in-house security expertise, and a lower total cost of ownership.

CONTACT: Samantha Leggat of Lighthouse Public Relations, +1-925-447-5300, samantha.leggat@earthlink.net, for eSoft, Inc.

Web site: http://www.esoft.com/products/softpak_gwas.cfm/ http://www.esoft.com//

N-able teams with McAfee to provide security services

Learn to Remove Spyware With Free and Available Programs! Click me

y Ottawa Business Journal Staff
Wed, Apr 12, 2006 12:00 PM EST

Ottawa's N-able Technologies has teamed up with McAfee to offer a new set of anti-virus and anti-spyware services to small and medium-sized businesses.

The anti-spyware service consists of automatic spyware prevention and removal software that detects, blocks and cleans spyware before it transmits confidential information and files to unauthorized parties.

The anti-virus offering provides 24/7 protection by scanning desktops and services for viruses and removing threats before any damage ensues.

The new anti-spyware and anti-virus software services are sold together and present a sizable market opportunity for value-added resellers and managed service providers looking to break into managed services or simply to expand their existing lineup of managed security service capabilities.

"By incorporating McAfee's technology into our solution, we've brought to market a powerful duo of managed security software offerings for the desktop and the network," says Bill Stewart, vice president of marketing at N-able Technologies. "These new services make it easier and more profitable for our MSP partners to meet the growing security demands of SMBs."

Not all adware is badware

Learn to Remove Spyware With Free and Available Programs! Click me

There is a lot of confusion among Internet users as to the difference between adware and spyware.

Adware--generally defined as software installed by consenting users seeking free, value-added services in exchange for exposure to advertisements--is often confused with, or used interchangeably with, the term spyware--advertising-based software often installed without the user's knowledge or consent. As a result, adware is frequently, yet inappropriately, treated like spyware as a virus or malicious software by anti-spyware programs.

To end this confusion, adware vendors and marketers must do a better job of teaching consumers and the software industry how to distinguish adware from spyware. After all, the notion of providing services in return for viewer eyeballs is not new and is comparable to viewing advertisements in any other medium, such as network television, radio and newspapers.

The mere fact that the software is showing ads should not taint it as illegitimate or cause users to associate it with malicious software.

However, when legitimate adware is listed in an anti-spyware scanning process, it acquires an unjustified negative reputation and falls victim to a serious churn problem that afflicts much legitimate software, since users usually eliminate the application by clicking on a default button to "clean" or "remove" suspicious software.

Industry leaders such as Symantec have come to recognize the need to differentiate between adware applications and also between vendors that practice 100 percent transparency and those that do not. As such, 100 percent transparent advertising-based software will be classified by Symantec as low-risk with the recommendation not to remove. That provides users with the choice, and it is a meaningful step for the whole industry.

I would like to go further and see a day when the term "adware" is reserved for platforms created solely for displaying ads, while the term "ad-supported software" is applied to programs that provide consumer benefits in return for exposure to commercial messages.

I also propose that we in the industry who produce legitimate adware and ad-supported software adhere to any guidelines set by online-privacy watchdog Truste and adopt the following practices and guidelines:

• Adware should never be part of a third-party bundle deal or have any affiliate distributors. It should be downloaded only directly from the company's Web site.
• All advertisements should be easily identified and clearly labeled with the company's brand so that the association between the advertisements and the adware is totally transparent. Users should understand that instead of paying for the software, they are getting advertising.
• Software should be clearly identifiable in the standard Windows add/remove programs list so that a simple and complete uninstall option is available at any time.
• Software should be prominently displayed on computer systems, with a clear interface on the desktop to ensure that users are fully aware of its existence. It is not acceptable for adware or spyware to run behind the scenes, operate in stealth mode or in any way deceive consumers about its existence.
• Adware makers should offer ad-free (yet paid) versions of their software.

Adware companies that follow these rules of transparency should not be viewed as threats and should not be detected by anti-spyware/antivirus vendors. I also hope that those vendors embrace Truste's certification and respect it by not detecting certified software. Until then, anti-spyware vendors will continue to unjustly categorize much adware as malicious software.

Microsoft Fixes 14 Flaws

Learn to Remove Spyware With Free and Available Programs! Click me

Three of the bulletins were tagged as "critical," one as "important," and the fifth as "moderate"--the last being Microsoft's second-from-the-bottom alert.

By Gregg Keizer
TechWeb.com

Apr 11, 2006 04:39 PM

Microsoft Tuesday released five security bulletins that patched 14 different vulnerabilities, including an awaited fix for Internet Explorer, the browser which has been victimized for weeks by multiple exploits installing adware, spyware, and keyloggers on users' PCs.

Three of the bulletins were tagged as "critical," one as "important," and the fifth as "moderate;" that last is Microsoft's second-from-the-bottom alert.

However, the majority of the 14 bugs in the 5 bulletins were labeled "critical" by the Redmond, Wash. developer, meaning that they should be patched as soon as possible. Of the 9 critical flaws, 7 relate to the MS06-013 security bulletin, a massive update for Internet Explorer 5.0 and 6.0 (but not, apparently, the Beta 2 Preview of IE 7).

Still, said one analyst, the bugs aren't anything out of the ordinary.

"It's the same sort of thing we get every month," said Mike Murray, director of research at vulnerability management vendor nCircle. "There's not really anything that's surprising here."

Another security expert agreed. "The createTextRange vulnerability [patched in MS06-013] is significant, but only because of the publicity and hype it's received," said Jonathan Bitle, a product manager with vulnerability management software maker Qualys.

createTextRange was the name given to an IE bug discovered three weeks ago, and quickly exploited by several hundred malicious Web sites to secretly download spyware, adware, and other malicious programs on users' machines.

Of the remaining 9 bugs fixed in MS06-013, 2 had been made public previously; however, although proof-of-concept code was in the wild, Microsoft claimed that no active exploits were circulating.

"It's hard to be surprised anymore by IE vulnerabilities," said nCircle's Murray.

Among the newly-revealed flaws was one dubbed "Address Bar Spoofing Vulnerability." However, it is not a fix for the bug noted by Danish vulnerability tracker Secunia last week, but instead is an entirely different -- and previously undisclosed -- potential phishing exploit.

Two other bulletins were judged "critical" by Microsoft: MS06-015, which Symantec dubbed "Windows XP Self-Executing Folder Vulnerability," and MS06-014, which affects Windows MDAC (Microsoft Data Access Components), those parts of the operating system used to access SQL databases.

Both flaws can be exploited by attackers who could take complete control of a PC if they could lure users to malicious sites or get them to open e-mail attachments.

"Both of these are in the same sort of category as the IE vulnerabilities," said Murray. "Both could be used in the kind of user-interaction scenarios we've been seeing for some time.

"When you're talking about user interaction vulnerabilities, whether it’s a shell bug [MS06-015] or in MDAC [MS06-014], it's all about the same," Murray added.

The fourth and fifth bulletins unveiled Tuesday impact Outlook Express, the free e-mail client bundled with Windows ( MS06-016) and Microsoft Office's FrontPage Web design application ( MS06-017). The former was labeled "important," the latter "moderate" by Microsoft.

A large number of the vulnerabilities disclosed Tuesday must be patched even by those running Microsoft's most-current operating system, Windows XP SP2, which debuted over two years ago and has been heralded by many as much more secure.

"We are seeing more vulnerabilities for SP2," admitted Murray, "but what we're not seeing are remote vulnerabilities. All the vuls we're seeing require you to click on something or download something. What SP2 did is eliminate those remote vulnerabilities."

Qualys' Bitle seconded that.

"There's no more of what I call 'outside-in' threats," he said. "Instead, it's all 'inside-out' since SP2 was released. Firewalls and perimeter defenses can't stop users from visiting malicious sites."

Both were hopeful, Murray more so, that the upcoming Windows Vista and IE 7 would continue the trend toward locking down the operating system and making it more difficult for users to blithely surf to suspicious sites.

"Look at the vulnerabilities," urged Murray. "There are not that many that affect Windows [Server] 2003. That's because it's locking down the browser more.

"Microsoft is doing the right things to mitigate problems as time goes on. With Vista and IE 7, the OS and browser will be more locked down. Then attacks will turn to e-mail clients.

"And then we'll have to lock them down more."

Users can obtain the month's patches via Windows' Automatic Update, from the Microsoft Update service, or through other software and services the company maintains, such as Windows Server Update Services (WSUS) or Software Update Services (SUS).

Microsoft helped write Oklahoma computer law

Learn to Remove Spyware With Free and Available Programs! Click me

The good people of Oklahoma asked Microsoft to help the State write a new law banning spyware, and the results are amazing.

Apparently the state was so impressed with Vole’s work on the law it plans to bring it before its government for debate under the fairly harmless title "Computer Spyware Protection Act House" Bill 2083.

The law is amazing, not only because it is probably the first written overtly by a major company without bothering with the tedious problem of lobbying, but because… well it is written by Microsoft, what do you think could go wrong?

West Coast Labs Grants Anti-Spyware Gateway Certification To Aladdin Knowledge' ESafe Virtual Appliance - Quick Facts

Learn to Remove Spyware With Free and Available Programs! Click me

(RTTNews) - Aladdin Knowledge Systems (ALDN | charts | news | PowerRating) revealed its award-winning eSafe Virtual Appliance received West Coast Labs' Checkmark Anti-Spyware Gateway Certification.

Accompanying the certification, West Coast Labs also released an Anti-Spyware Solutions Technology Report highlighting eSafe's numerous benefits.

Shimon Gruper, vice president of technologies for the Aladdin eSafe Business Unit, said, "The Checkmark Anti-spyware certification and the West Coat technology report provide independent verification of eSafe as a best-of-bread Web browsing security solution that protects our customers against the ever- growing spyware threat."

Copyright(c) 2006 RealTimeTraders.com, Inc. All Rights Reserved

Virus and spyware scanners are the best, cheapest protection

Learn to Remove Spyware With Free and Available Programs! Click me

By Tim Henderson

thenderson@MiamiHerald.com

Q: When I was struggling with e-mail problems, I ran into a screen recommending a scanning program to identify what was wrong with my operating system. After identifying 146 problems, to fix them I had to accept charges on my credit card for $47, including renewal of the charges every year. Then I ran into another program that charges $29.99 to use for a week, without making any other commitment. After running it a few times, it reduced the problems to ''two very serious initializing problems,'' which it seems I have to solve a different way. Can you tell me what to do with the computer?

HORTON REY

A: It sounds to me like you were misled by some online advertisements that pretend to detect problems with your computer and offer to fix them for a fee. You should ignore those.

There are two things you really need to check for problems from malicious and/or unwanted programs on your computer: a virus scanner and a spyware scanner. The virus scanner costs money; but the best spyware scanner I've found is free from Microsoft. Go to www.microsoft.com and look for Windows Defender under Popular Downloads.

The two standard virus scanners are Norton, available at www.symantec.com, and McAfee from www.mcafee.com, and you'll have to get regular updates to remain protected.

If you just want a quick check to make sure you don't have a virus, you can do it online at housecall.trend

micro.com.

Q: I took my computer to a shop in Davie and got a call from them saying the motherboard is ''burnt'' and it's not worth fixing at all. We'll think about buying another computer later. I think maybe the wall outlet I had it plugged into was not a very good one.

DON NEWTON

A: To avoid damage from power surges, a lot of people buy power strips built specifically for delicate electronic equipment. Possibly you were already doing that, but if not, it can be a big help. It has a circuit breaker to protect you from power surges, and of course it offers the convenience of plugging all your equipment into one outlet.

MAILBAG: To the reader who had problems with a cursor that stopped responding to mouse movements, E. Tom Thurmond of Miami and my former colleague Dan Keating of the Washington Post noted that it could be caused by a wireless mouse in need of a new battery. That was news to me, since all of my mice are still wired! When it happens to a conventional mouse, it's usually because of junk in the little rubber ball inside. ''My wireless mouse eats batteries, and its reaction to low batteries is as outlined in the question,'' wrote Thurmond.

New York Sues Over Alleged Spyware

Learn to Remove Spyware With Free and Available Programs! Click me

Speaking a language spyware purveyors understand: fines and jail time

by Mathew Schwartz

4/11/2006

Can we finally say goodbye to VX2, Aurora, and OfferOptimizer?

These and many other pieces of adware and spyware, created by a company called Direct Revenue, have secretly installed themselves on PCs as part of software “bundles” included with “free” applications, games, or browser “enhancements”; or installed via drive-by downloads that exploit known browser vulnerabilities. After installation, they track users’ surfing habits, targeting users with multiple, unending pop-up advertisements.

Now, the New York Attorney General’s office is seeking a court order to prevent Direct Revenue from disseminating spyware or using existing spyware installations to deliver advertising. Fittingly, it also wants the court to compel Direct Revenue to disclose its own revenues, then pay penalties for its fraudulent practices.

Spyware makers, beware? According to New York Attorney General Eliot Spitzer, “Surreptitiously installed spyware and adware harm consumers and businesses, and my office will continue to prosecute these practices aggressively.” His office has already been making an anti-spyware and anti-adware name for itself, with the notable prosecution last year of adware purveyor Intermix Media, among others.

The current suit names four people, including Direct Revenue’s founders and chief officers, and alleges they knew about the organization’s fraudulent practices since its founding. They have also all owned a majority of stock since the company was founded.

Numerous Direct Revenue e-mails attached to the suit back up the AG’s charges. For example, lawsuit defendant and former Direct Revenue CEO Josh Abram said in April 2005 when e-mailing a distributor, “We have a very stealthy version of our adware product which we’re happy to give u… Don’t worry. If we do a deal—a build together—these will not be caught.”

Contrast the revenues companies such as Direct Revenue garner from serving advertising via spyware, versus the money companies must spend to defend against spyware, which can lift sensitive corporate information and browsing habits, not to mention bog down employees’ PCs and send them to the help desk. In particular, Forrester Research reports that at least for small and medium-size businesses (SMBs), along with viruses, worms, and spam, spyware is a top security concern. Already, an estimated 57 percent of SMBs have purchased anti-spyware software.

Avoiding Spyware Uninstallers

One problem with spyware: it’s just so insidious. Indeed, take another e-mail reproduced as part of the suit was from Direct Revenue’s chief technology officer, who observed how those infected with the company’s spyware “don’t know how they got our software.”

Once a PC is infected with spyware, removing it typically takes dedicated software. Audaciously, Direct Revenue provided customers with a site claiming to remove its spyware, but when users followed instructions to deactivate their firewall and download the “uninstallers,” they merely downloaded additional spyware.

Penalty for Past Practices

In a Direct Revenue press release posted on the company’s site, an unnamed spokesman rebuffs the charge. "This lawsuit is a baseless attempt by the Office of the Attorney General to rewrite the rules of the adware business. It focuses exclusively on the company's past practices—practices we and other industry leaders changed long ago—and says not a word about what we're doing today.

"We are proud of our products and the value they bring to both advertisers and consumers—the former by delivering positive, measurable results for their ad dollars, and the latter by offering free content and applications in exchange for viewing a few targeted advertisements per day.”

Furthermore, the company says its current practices include explicit and affirmative customer consent (in plain English) prior to installation, easy removal of the company’s software (by supplying a link to an opt-out page from every ad and by being listed in Add/Remove Programs), no use of personally identifiable information, and no use of third-party affiliates to distribute its software. The press release fails to address any past practices, however.

Getting Tough with Spyware Purveyors

Despite the public excoriation of spyware purveyors, there may be only one way to stem spyware: fines and jail time. As Ari Schwartz, the deputy director of the Center for Democracy and Technology in Washington, notes, “aggressive law enforcement is an essential component in the ongoing fight to stem the tide of unwanted spyware.”

Finally, prosecutors are catching up with such companies. While Congress has considered passing anti-spyware legislation, many computer security advocates argue current laws are sufficient for stopping spyware. In other words, don’t bother with a show of “get tough” legislation—just get tough.

Witness the New York suit, which the AG’s office says was filed “under New York’s General Business Law, which prohibits false advertising and deceptive business practices; its Penal Law, which prohibits computer tampering; and its common law prohibitions against trespass.” As the use of such laws illustrates, distributing spyware is a fraudulent activity, and that’s cause enough to pursue legal remedies.

Spyware funders make strange bedfellows

Learn to Remove Spyware With Free and Available Programs! Click me

Best of the blogs: Chase, Citi, Sprint, T-Mobile, Travelocity and United Airlines are all advertisers with adware vendor Direct Revenue. That means, as Ed Foster writes, "they are helping to fund the plague of intrusive software that threatens the security of our computers and the Internet." A pair of reports that came out disclosed those vendors as such. And there's more, Foster continues, with In the company of spyware. "Just a cursory glance at the Direct Revenue ads in Edelman's study reveals another, and even more disturbing, pattern: many of these companies are running ads that compete for the same market."

Show of the week: New products debuting at LinuxWorld keep on coming. The latest include: JBoss adds to its middleware roster with a rules engine and transaction server, IBM teams with Novell to bundle Linux with middleware in the hopes of easing deployment for SMBs, and Splunk launches an IT troubleshooting Wiki that enables systems administrators to share information. For complete LinuxWorld coverage, visit our special reports The virtues of open source, and LinuxWorld Conference and Expo 2006.

M&A's: Microsoft scoops up ProClarity and for an undisclosed sum obtains its business analysis and visualization software for culling information from SQL Server. SAP buys Virsa for its risk management wares. And at least one analyst is saying that Patricia Russo, chairman and chief executive of Lucent, will be up against some challenges as she runs the combined Alcatel-Lucent from Paris, and those obstacles just might have to do with being an American and a woman.

Storage: As the database market continues to be whittled down into fewer offerings, some people tend to think the database backup wars are finished, and Sean McCown used to be among those folks -- but not anymore. "Quest is making sure that it's alive and well," he points out in this post.

Spitzer sues major `spyware' Internet company over pop-up ads

Learn to Remove Spyware With Free and Available Programs! Click me

MICHAEL GORMLEY
Associated Press Writer

April 4, 2006, 11:16 AM EDT

ALBANY, N.Y. -- New York Attorney General Eliot Spitzer on Tuesday accused a major Internet pop-up advertising company of secretly installing spyware and sending ads through spyware already installed on personal computers.

Spitzer sought a court order in state Supreme Court to stop Direct Revenue from allegedly installing millions of pop-up ad programs that he said also monitors the Internet activity of users.

"These applications are deceptive and unfair to consumers, bad for businesses that rely on efficient networks to do their jobs, and bad for online retailers that need consumers to trust and enjoy their online experience," Spitzer said. "We will continue to side with consumers in their fight for control of their desktops."

Spitzer has taken legal action against other companies he said installs spyware and adware _ software that can be downloaded onto personal computers without the computer user's knowledge after they are attracted to Web sites or other actions.

Spitzer claims Direct Revenue or its distributors offered free games, browsers or software it but never mentioned the spyware that was attached in the downloads.

Spitzer called them "drive-by downloads" and said his investigators documented 21 Web sites that included Direct Revenue downloads called VX2, Aurora and OfferOptimizer. After the download, Spitzer said the company can track consumers' Web activity and deliver pop-up ads.

Spitzer said the company also thwarted consumers' attempts to remove the spyware, which sometimes reinstalled itself. Spitzer accuses the company in a civil suit under state business laws against deceptive business practices and false advertising.

A spokesman for the company didn't immediately respond to a request for comment.

Spyware and adware often land on computers, hitching a ride during visits to porn and gambling sites or in downloads of free games and screensavers. Often, the payload arrives with downloads of cartoon-character softwares aimed at children.

Infected computers can become filled with pop-up ads and users can find the unwanted programs difficult to remove.

In October, the former chief executive of Los Angeles-based Intermix Media Inc. agreed to pay $750,000 in penalties after Spitzer accused the company of secretly installing adware and spyware on millions of home computers. Spitzer accused the former executive, Brad Greenspan, of directing employees to bundle adware with other free programs and to make the software difficult to remove.

Spitzer said Intermix also agreed to pay $7.5 million in penalties over three years and stop distributing adware programs. Intermix ran Web sites featuring quizzes, games and jokes that it packaged for advertisers.

Spitzer's lawsuit filed in Manhattan also names Direct Revenue's former CEO, Josh Abram. Spitzer said Abram told a distributor in an e-mail that "we have a very stealthy version of our adware product which we 're happy to give u . . . Don't worry. If we do a deal * a build together * these will not be caught."

In another part of an e-mail released by Spitzer, the company's chief technology officer allegedly stated that users "don't know how they got our software (this is both upgrade and recent install..." and that users "say that they are getting so many ads that it is annoying them."

Yahoo Implicated In Spyware Click Fraud

Learn to Remove Spyware With Free and Available Programs! Click me

Advertisers who expect their Overture ad campaigns to run with certain Yahoo Searches may be surprised to find their ads running in syndicated spyware applications that render each impression as an ad click the advertiser must pay.

When that click is paid, according to spyware researcher Ben Edelman, Yahoo and the spyware vendor split the revenue. Edelman has followed up his August 2005 research into spyware receiving payments from Yahoo's Overture by noting an increase in this possible syndication fraud.

"In my August syndication fraud examples, an advertiser only pays Yahoo if a user clicks the advertiser's ad. Not so for three of today's examples. Here, spyware completely fakes a click -- causing Yahoo to charge an advertiser a "pay-per-click" fee, even though no user actually clicked on any pay-per-click link. This is "click fraud," Edelman wrote.

Edelman documented three examples where actual click fraud took place. He named 180solutions, Nbcsearch, and Look2me/Ad-w-a-r-e as culprits in presenting popup ads that defrauded advertisers with Yahoo.

"Spyware syndication falls within the general problem of syndication-based click fraud. Suppose X, the Yahoo partner site, hires a spyware vendor to send users to its site and to make it appear as if those users clicked X's Yahoo ads. Then advertisers will pay Yahoo, and Yahoo will pay X, even though users never actually clicked the ads," said Edelman.

His examples of this click fraud are not guesswork and assumptions. For each case, Edelman provided a full packet log, annontated screenshots, and video of the spyware-based click fraud taking place.

A fourth example of nefarious practices taking place involves the practice of inserting pay-per-click links into text without the consent of the publisher. Edelman displayed one example of this, a story about Iraq from the New York Times website that had a third-party link inserted.

Edelman believes that Overture is the sole funding source for Qklinkserver.com, which inserted the link. He diagrammed the process that took place with this insertion:

(T)he net effect of these practices is that advertisers pay Yahoo, then Yahoo pays Intermix (Sirsearch), then Intermix pays Searchdistribution.net which pays Qklinkserver.com / Srch-results.com.

Intermix, the parent of MySpace, is now owned by News Corp. Intermix has been implicated in spyware schemes in the past, when the company was investigated by New York Attorney General Eliot Spitzer's office before News Corp purchased it.

While News Corp has been publicly cleaning up MySpace, it may need to take a harder look at some of Intermix's other businesses. And Yahoo should be doing these types of audits itself, instead of waiting for Edelman or someone else to do them before correcting a problem.

Stopping PC Spies at the Gate

Learn to Remove Spyware With Free and Available Programs! Click me

By Elizabeth Millard
April 4, 2006 7:16AM

"If you want to avoid spyware, there are certain parts of the Web you should stay away from. They're the dark alleys of the Internet world. Basically, you visit a game cheat site, and you're vulnerable for spyware. A kids site will open you up to adware," said Dave Cole, director of Symantec Security Response.

Although spyware has been called the plague of the Internet, some people still regard the invasive software as a kind of digital Avian flu -- it is bad, and potentially very threatening, but happening to someone else.

That, many experts note, is a big mistake.

The prevalence of spyware, which usually slithers onto a system undetected during a download of other content, is formidable and poses a very real danger to every Internet user.

"You name it, spyware can do it," said Craig Schmugar, virus research manager at McAfee Avert Labs, which monitors Internet threats. "Everything from stealing your identity, turning your machine into a spam relay machine to popping up ads on your system. It can degrade your system performance to the point that using your machine is unbearable."

Defining the Threat

Spyware is a term that can be broken down into two categories, Schmugar said.

In the first category are the illegal, information-stealing threats that include Trojan viruses and "keylogger" programs that track user input. These are the villains of the Internet, and they pose a considerable risk to users. These types of programs are on the rise because the data extracted can be quite profitable to sellers.

Not all spyware is designed to be so harmful, though. The second category consists of programs intended to simply redirect users to different Web sites, or to collect general information on browsing habits.

"Advertisers often use spyware to cover competitors' Web sites," said Ben Edelman, a Harvard University researcher who focuses on spyware. "Where better can Netflix get a new customer than someone about to sign up with Blockbuster?"

If Netflix wanted to employ spyware, the company would hire an ad network, which then would hire another ad network, which would buy ad space from a spyware vendor, Edelman noted. This chain of companies distances the legitimate business from spyware activity while still giving it an edge in the marketplace.

Although this type of spyware, also called adware, might not be designed to hijack a system or steal identities, it still can be annoying. Working in the background, it can gobble up processing power, severely slow down a system, and even cause frequent crashes. It might also prompt a significant increase in pop-up ads, an Internet phenomenon that is almost universally despised.

"The advertisers are profiting from this, as are the adware makers, and those affiliates who distribute the adware," said Schmugar. "A significant number of affiliates are indirectly violating adware makers' terms of service by exploiting system vulnerabilities to silently install adware."

Spy vs. You

Although some spyware is relatively benign, especially the type that simply tries to get users to view ads or visit a rival site, other types are downright scary.

Keylogging programs, for example, can capture passwords, user IDs, and personal information. This is not just the kind of stuff that absentminded people put on a Post-It note, either. Through keylogging, a phisher can read every e-mail sent, see every Web site visited, watch every e-commerce transaction, and secretly view private instant-messaging chats.

With all that information, identity theft would be child's play, and even worse, it could extend into every facet of a person's digital life. A phisher could send e-mails from a user's account, with keylogging software attached, that would then infect the person's entire network of family and friends.

As unsettling as it might be to have one's identity hijacked, the effect on someone's finances could be devastating. With this level of personal information, a phisher might set up an electronic checking account, transfer every dollar of a victim's bank account into it, and walk away. Just as a user is wrangling with the bank over what happened, the credit card bills are likely to start arriving.

Many phishing victims have reported feeling violated by the actions, as if the phisher had come into their homes while they were sleeping and cleaned them out.

But, to extend the metaphor, phishing can be even worse than outright property theft. Thanks to insurance, most valuables can be replaced. But with phishing, someone's information might be sold again and again on the underground data market, forcing a victim to spend thousands of dollars, and months of time, trying to clear his or her good name and recover financially.

Other scenarios might not be as frightening as losing one's digital identity, but prove annoying and frustrating nonetheless. A spyware creator could hijack a user's system, turning the computer into a spam-spewing zombie, or so severely cripple the machine that it is nearly unusable.

Who's At Risk?

People who surf the Web in a corporate environment usually are protected. Computer network experts have become adept at putting up firewalls, blocking suspicious e-mail attachments, and watching for dubious download activity. Well aware of the spyware problem, many companies also do periodic sweeps of their systems to remove any unwanted programs that sneaked through their filters.

But many home users are not so fortunate. Some have installed antispyware protection, but in general, many are at risk, said Harvard's Edelman. Also vulnerable are libraries, airports, and hotels, all of which offer open Internet access without spyware blockers.

According to antivirus software company Symantec, visiting certain Web sites also can affect the likelihood of being infected with spyware. In a recent experiment, researchers started with a fresh installation of Windows XP containing the latest security updates and spent an hour visiting well-known sites in major categories like gaming, shopping, travel, and kid-oriented fare.

What was left behind on the machines was compelling, Symantec noted. Sites for kids produced the most adware, downloading over 350 applications onto the system, but no pieces of spyware. In contrast, gaming sites caused only 23 adware applications to appear, but four spyware programs. Going to shopping sites resulted in no adware or spyware.

"What this experiment tells us is that if you want to avoid spyware, there are certain parts of the Web you should stay away from," said Dave Cole, director of Symantec Security Response. "They're the dark alleys of the Internet world. Basically, you visit a game cheat site, and you're vulnerable for spyware. A kids site will open you up to adware."

Tool Kit

There are several spyware blockers and cleaners on the market, and Edelman noted that many users download programs like Ad-Aware, Webroot, and Counterspy.

A company started last year, SiteAdvisor, provides a system of automated testers that patrols the Web and gives out spyware safety ratings, allowing people to see if their favorite sites are really spyware havens. After downloading SiteAdvisor's software, people will see a small box in their browser with a red, yellow, or green icon to indicate the spyware threat level.

Antispyware tools work by scanning a computer system to find suspicious-looking programs that seem to have no business being in the machine, like adware, password crackers, remote-administration tools, jokes, and other applications. Some of what is caught is legitimate, which is why everything is usually presented in list format to a user, who can then sort the wanted from the junk.

Lately, though, even antispyware programs must be viewed with suspicion. A major trend has been the use of pop-ups by firms that allegedly provide free system scans and spyware cleaning. When a user chooses to accept the offer, he gets a message informing him that his system is riddled with spyware, even if it is perfectly clean. The irony is that during the scan, spyware is actually being installed.

"Stick with what you trust," said Symantec's Cole. "Don't use something from a pop-up ad that tries to scare you into downloading it because it has a funky, scary alert message."

Trend Micro Introduces InterScan Web Security Appliance

Learn to Remove Spyware With Free and Available Programs! Click me

The product enhances multi-layered anti-spyware protection for enterprises.

Tuesday, April 04, 2006: Trend Micro India has made available the InterScan Web Security Appliance in the Indian market. The new gateway-based hardware solution has been designed to provide enterprise organisations with comprehensive front-line protection against malware and content security threats.

The InterScan Web Security Appliance acts as the first line of defence against threats like spyware, grayware, viruses and phishing. It offers ability to trigger automatic agentless end-point cleanup via collaboration with Trend Micro damage cleanup services. It also provides malware detection and blocking, URL filtering, anti-phishing, and other features to prevent threats like spyware from entering the network.

It gives business organisations a greater choice in gateway protection, introducing an easy-to-deploy hardware option that complements Trend Micro’s software-based InterScan offerings.

“InterScan Web Security Appliance is easy to install and configure,” said Fernando Rynne, global product marketing manager, Trend Micro, Inc. “Moreover, it is much more effective than desktop-only security with integrated anti-spyware, antivirus, anti-phishing and URL filtering at the Internet gateway.”

Leave Spyware No Place to Hide!

Learn to Remove Spyware With Free and Available Programs! Click me

TRISNAP TECHNOLOGIES, a world innovator in spyware detection technologies, announces the release of System Spyware Interrogator 3.0 Tech Edition. System Spyware Interrogator (SSI) is a free tool that detects and removes malicious software from clients' computers. Its uses Trisnap's unique Predator technology to compare applications running on a client's computer with an online database of spyware definitions to immediately reveal all suspicious applications. Costly and time consuming updates off malware definitions on user's computers are not required System Spyware Interrogator 3.0 Tech Edition is the newest version of Spywaredata's popular scanner. The Tech Edition was been designed for technicians who deal with spyware on a regular basis. The consumer edition of System Spyware Interrogator offers monthly, quarterly and annual priority fee-based automatic removal options. The Tech Edition also offers Alternate Directory Scans, File Hash Generation, Intelligent Hijackthis log parser, and a memory process killer. SSI is linked directly to one of the largest malware databases in the world at www.spywaredata.com. The SSI Tech Edition is intended for technicians and users who would like to better expedite their search, detection and elimination of spyware.

Spyware company denies software is malicious

Learn to Remove Spyware With Free and Available Programs! Click me

By Nancy Gohring, IDG news service

The company selling spyware for mobiles has hit back at the suggestion its program is malicious.

Thai company Vervata has hit back after security firm, F-Secure, recently began blocking a commercial application called FlexiSpy, a product that bills itself as the world's first spy software built for mobile phones.

When FlexiSpy software is loaded onto a Symbian mobile phone, it sends all text messages that are sent and received, as well as call details, to FlexiSpy servers. Users can log on to the servers via the Internet to read the messages and view the call records. The problem, says F-Secure, is that the phone owner may not know the program has been installed and can't uninstall it.

"We're convinced that this could be used for malicious and illegal purposes in so many ways that we made the decision to flag it as malware," said Mikko Hypponen, F-Secure's chief research officer.

Vervata argues that FlexiSpy isn't a virus, a Trojan horse or malware. "Like any other monitoring software there may be a possibility for misuse, but there is nothing inherent in FlexiSpy that makes it illegal or malicious," a Vervata spokesman said. He added that the software must be consciously installed by a person, does not self-replicate and doesn't pretend to be something it's not.

He said that an uninstall option is provided so the user can uninstall the program at any time but F-Secure found that the application uninstaller doesn't work.

Hypponen also worried that a user could "beam" the program via Bluetooth to other nearby users. "If one in 100 people who received it wonders what it is and clicks on it, it would install without telling the user what the program does," he said. Going forward, the person who sent the program could read that person's text messages online. "If that's not malicious, I don't know what is," Hypponen said.

Some changes to the program could make it more palatable, he said. For instance, if the installation process clearly shows that a spy program is being installed, it could be useful for parents that might want to monitor a child's text messages, he said.

But using this type of program to spy on another person is illegal in most parts of the world, he noted. In addition, he also said that users might be concerned that the text messages and calling information is being stored on Vervata servers.

F-Secure has contacted Vervata to discuss the program but hasn't received a response, Hypponen said.

Each page of the FlexiSpy Web site warns visitors that logging other people's text messages and other phone activity or installing FlexiSpy on another person's phone without their knowledge could be illegal. It also says that Vervata assumes no liability and isn't responsible for misuse or damage caused by FlexiSpy.

Frost and Sullivan to counter spyware

Learn to Remove Spyware With Free and Available Programs! Click me

Wednesday, 29 March , 2006, 16:27

Chennai: About 90 per cent of computers all over the world have some form of spyware, which could lead to identity thefts, stolen proprietary data, invasion of privacy and slowing down of computers apart from other malfunctions. Keeping in mind all the effects of spyware, Frost and Sullivan introduced a product that could counter its threat at a workshop in Chennai. A recent study by Frost and Sulllivan also found that virus or worm attacks accounted for 65 per cent of all attacks and spyware and malware contributed to almost 15 per cent of it, company's Director Ravi Krishnaswamy told reporters today while making a presentation on the 'spyware industry in the world'. He was speaking after Trend Micro India, an antivirus software company, announced the introduction of the Inter-Scan Web Security Appliance in India today. The appliance acts as the first line of defence against threats like spyware, grayware, viruses and phising, Fernando Rynne, Global Product Marketing Manager, Trend Micro said while introducing the product. He said the Appliance offers unique ability to trigger automatic agent less end point clean up via collaboration with TrendMicro Damage Cleanup Services. It also provides malware detection and blocking, URL filtering, anti-phising and other features to prevent threats like spyware from entering the network. "We are the only vendor to tackle the full lifecycle of spyware with a multi-layered approach across the enterprise network. This layered approach allows us to prevent, detect, block and clean spyware as well as other grayware and malware as part of a comprehensive solution for large companies," said, company country manager Niraj Kaushik.

Israel jails spyware-for-hire couple

Learn to Remove Spyware With Free and Available Programs! Click me

Dirty deeds done dirt cheap

By John Leyden

Published Monday 27th March 2006 20:57 GMT

An Israeli couple were jailed on Monday after confessing to the development and sale of spyware that helped private investigators snoop on their clients' business competitors.

Ruth Brier-Haephrati, 28, was jailed four years while her husband Michael Haephrati, 44, was sentenced to two years imprisonment. Both sentences were in line with a plea-bargaining agreement made earlier this month. Ruth was charged with a litany of offences including fraud, planting computer viruses, and conspiracy. Her husband, Michael, was charged as her accomplice to those offences. Each also faces a suspended sentence and a fine of one million New Israeli Shekels ($212K).

Investigators allege the duo developed and sold customised spyware or Trojan horse packages designed to evade detection by security tools to three private investigation companies in Israel - Modi'in Ezrahi, Zvi Krochmal, and Philosof-Balali. This spyware code was allegedly installed on victims' PCs by private detectives from a diskette or via email, as part of a spying scam that ran for up to two years.

The malware sent stolen documents to an FTP site, allowing unscrupulous firms to swipe confidential documents from rivals. Each software installation allegedly netted the Haephratis 2,000 New Israeli Shekels ($425). According to court documents, Michael Haephrati developed the spyware Trojan horse, while his wife, Ruth, marketed the software. ®

Do-It-Yourself Spyware Kit Sells For $20 on Web

Learn to Remove Spyware With Free and Available Programs! Click me

A do-it-yourself malware creation kit is being hawked on a Russian Web site for less than $20, according to security researchers tracking the seedier side of the Internet.

Virus hunters at SophosLabs discovered the spyware kit, called WebAttacker, on a Web site run by self-professed spyware and adware developers. The kit is available for sale directly from the site, which even offers tech support to buyers.

The WebAttacker kit includes scripts that simplify the task of infecting computers and spam-sending techniques to lure victims to specially rigged Web sites.

Ron O'Brien, senior technology analyst at Sophos, based in Boston, said samples of the malware kit include timely spam-run themes — such as bird-flu protection and Slobodan Milosevic murder conspiracy theories — to guide online criminals through social engineering attacks.

Spam messages with fake links to news stories about topical issues are normally used to lure e-mail users to bogus Web sites where malicious code can be executed via browser and operating system exploits.

"Making spyware available on the cheap like this means that technical skill has been removed as an entry-level barrier" to spamming and hacking, O'Brien said. "Now even dim-witted miscreants will be able to join the world of cyber-crime."

It's not the first time a do-it-yourself malware builder has been found.

Earlier this year, researchers at Sunbelt Software uncovered a special program that was being used to create keystroke loggers and Trojans to target customers of financial institutions in the United Kingdom, United States and Canada.

The Trojan builder provided an easy-to-use interface for creating new variants of malware that can steal credit card numbers and online banking log-ins from machines on which it is installed, and can direct e-Gold payments into an account owned by the attacker.

Check out eWEEK.com's Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's Weblog.

Copyright © 2006 Ziff Davis Media Inc. All Rights Reserved. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Media Inc. is prohibited.

Spyware for cell phones emerges

Learn to Remove Spyware With Free and Available Programs! Click me

Snoop dog eats dog

By Nick Farrell: Friday 31 March 2006, 07:57

A NEW bit of software that lurks on cell phones and captures call logs and text messages has been dubbed a Trojan horse by a security outfit.

The software, called FlexiSpy, made by Vervata, is being flogged as a method that parents can protect their children by knowing everything they do. It captures call logs, text messages and mobile Internet activity.

However, security outfit F-Secure, said that the software is a Trojan, or at least an electronic sheep in digital wolf's clothing.

Jarno Niemela wrote in the company’s bog, that the application installs itself without any kind of indication as to what it is. When it is installed on the phone, it completely hides itself from the user.

It is concerned that the FlexiSpy could be used by bad guys as part of malicious software that targets phones. Hackers could try sending the program to phones via a Bluetooth connection and trust that there are enough curious people to install it.

F-Secure has updated its security software to detect the program and remove it.

Vervata denied that its software was a Trojan. In a letter to News.com the company insisted that FlexiSpy was not malicious. It can also be uninstalled with an option provided. We assume that is if you know it is there.

The software has to be installed by a human who knows exactly what the software does and cannot self replicate. No one has questioned what sort of control freak wants to listen to their child’s telephone calls and what message that this gives the child about life.