The Spyware Weekly Newsletter is distributed every week to 20,000 subscribers and read online by hundreds of thousands of visitors. Please read our Terms of Use for quoting guidelines. http://www.spywareinfoforum.info/newlsetter/mar17,2004.

Permalink | Top

SpywareInfo is online again in spite of a massive, ongoing distributed denial of service attack. We have brought online a number of proxy servers at Globalservers.com that are shielding the site. Globalservers has the infrastructure to fight off the attacks. There is still the occasional outage but we expect to remain online no matter what the attackers throw at us.

By next week, we will have some products at CafePress, such as T-shirts and bumper stickers, that people can purchase to help with costs. The cost of hosting SpywareInfo has risen to nearly three time pre-attack levels because of all the servers we have shielding the site. You can also support the site with a Paypal or check donation.

Thank you very much to everybody who helped out, either by donating money, putting up mirrors for HijackThis and CWShredder or running around a million message boards to help people unable to access the forums. Many thanks to my AWESOME web host for working with me throughout these attacks and helping me to set up our new system of proxy servers.

Shortly after SpywareInfo was brought online again, the attackers went after Net-Integration.net, the site that hosts the official Spybot S&D support forum. They have been struggling to fight off the attacks using more or less the same kind of system of proxy servers we're using.

It looks like I won't be able to bring merijn.org back into normal operation just yet. I tried very briefly to route it through the proxy servers protecting spywareinfoforum.info and the servers overloaded. Whoever launched the attack hasn't given up yet, so there isn't much I can do about the other sites at the moment.

I do have DogReader.com up and running however. It was never under attack itself; it was just collateral damage as it is located on the same server. Catherine will start posting new articles there soon.

I said all this in the last newsletter but I didn't mail that newsletter out. I'm still not sure whether or not the newsletter software will cooperate with the proxy set up. I'll be testing that as I send out this issue. I apologize in advance if part of the email is missing, you receive the same copy several times or a Martian leaps out and vaporizes your PC.

Please be aware that I've been off the internet myself for the last few weeks. If you've sent an email in the last few weeks, then I probably haven't read it yet. I'm going to try to attend to my inbox sometime this week. I'll be in Savannah tomorrow for St Patrick's Day, so it may be the weekend before I have a chance to take a look.

Permalink | Top

Program: X-Cleaner
Author: X-Block
Platform: Windows 9x, ME, NT 4.0, 2K, XP
License: $39.95 [15% off for SpywareInfo visitors until March 27]
Coupon code: SPY-FEL4-INFO

For those of you who don't want your boss or spouse spying on you, you don't have to put up with it. X-Cleaner Spyware Remover is an award winning spyware detector that finds and removes commercial spyware programs. X-Cleaner also features a unique mobile active-x spy scanning utility so you can login through their member's center and use it from public terminals.

No installation required - simply download and use or you may install if you choose. X-Cleaner provides courteous support via e-mail for registered users. Software is delivered instantly via digital download and you can download new versions as often as you like the first year.

Detects and inoculates against over 200+ different spyware programs like:
KeyKey, SubSeven, Stealth Keyboard Logger, Snapshotspy, Surf Spy, Net Spy, GhostKeylogger, Pc Activity Monitor, PC Spy, STARR, eBlaster, Red Hand Pro, Hacker Whacker, FreeWhack, WinWhatWhere, BossEveryware, Conducent, Aureate even Spector 5.0 and many more!

You can even put this on a floppy disk and carry it to work in an envelope or in your shirt pocket. Insert floppy, scan and zap the keylogger or delete your surfing traces!

X-Cleaner was recommended by Kim Komando in her article for MSN, Danger, danger: 5 tips for using a public PC.

I know I've already featured X-Cleaner a couple of times recently. However, I wanted to feature it again because of the recent denial of service attacks.

X-Block offered to host merijn.org free after the attacks started. After the site was moved to their server, the attackers nailed it with an enormous number of infected machines and knocked out their main server several times. Like all of us that were attacked, they lost thousands of dollars while their services were offline.

In one stroke, buying a copy of X-Cleaner will help both of us recover some of the money we were forced to spend (and are continuing to spend) because of the attacks. Check out the list of features and screenshots at http://www.spywareinfoforum.info/downloads/x/.

Permalink | Top

The Federal Trade Commission will host a public workshop, 'Monitoring Software on Your PC: Spyware, Adware, and Other Software,' on April 19, 2004, from 8:30 a.m. until 5:30 p.m. The workshop will explore issues associated with the distribution and effects of software that is loaded on personal computers without users' consent and that gathers and sends information about users to third parties or that adversely affects the computers' functioning. A Federal Register Notice describing the workshop in more detail will be published shortly. The workshop, which will be held at the FTC's Conference Center at 601 New Jersey Avenue, N.W., Washington, D.C., will be open to the public.

The workshop generally will focus on four areas:

• Defining and Understanding Spyware, including a discussion of how spyware may differ from adware;
• Distribution of Spyware, including the role that peer-to-peer file-sharing may play;
• The Effects of Spyware, including the extent to which spyware affects the functioning of personal computers and raises privacy or security concerns; and
• Possible Responses to Spyware Concerns, including a discussion of what consumers, government, and industry have been doing and intend to do, by themselves or together, to address the harms associated with spyware.

More Info: http://www.ftc.gov/opa/2004/02/spyware.htm

I will be attending the FTC's workshop in DC next month. I might even be a panelist myself, although that hasn't been made final yet. Either way, I will be there.

One point I intend to drive home as hard as I can is that browser hijacking should be illegal. The people who distribute browser hijackers hack a person's computer by exploiting security flaws, take over the normal operation of that computer and make it nearly impossible to remove the offending software. The infected computer becomes a source of revenue for the sleaze responsible for the hijacker. How is any of that legal?

If I jump into your car, push you into the back seat and drive you to a shopping mall I owned, I would go to jail. There should be jail time for people, like Coolwebsearch.com, who allow their "affiliates" to distribute trojans in order to drive traffic to their web sites.

These people once booby-trapped one of the dozens of mutations of their trojan. Removing that variant using our normal (at the time) removal techniques at SpywareInfo would destroy Windows completely, forcing the victim to format their hard drive and lose everything on it. How can that be legal?

When that didn't stop people from coming to SpywareInfo for help, they started using HOSTS files to block the site. At least one variant will kill any window that has the word "SpywareInfo" in it. I can't prove it -yet- but I am convinced they are responsible for these denial of service attacks. Every site associated with CWShredder or SpywareInfo was attacked. Other antispyware sites that aren't known for CWS removal were not attacked. Draw your own conclusion from that.

I want the people who create and distribute these trojans to go to jail. I want the companies that advertise on their sites to be fined. I want the web hosts who allow their customers to operate this way to be closed down. I intend to see to it that the people behind coolwebsearch.com, lop.com, xupiter.com and others like them are classified as the criminals they are. This is my new crusade; and I'm not giving up until it happens.

Permalink | Top

The Utah state legislature has passed a bill outlawing certain activities in which most spyware engages. This includes, without first seeking permission from the owner of the PC, reporting online behavior, sending information about a user to third parties and creating pop-up advertisements based on the context of a web site a person is visiting.

This bill, the Spyware Control Act, was prompted by a local business owner in Utah. The owners of 1800contacts.com received complaints from web visitors about pop-up ads. The company discovered that the ads were being generated by adware installed on the visitors' computers.

Adware is a piece of software which installs itself onto a person's PC in a variety of clever ways and then serves advertisements to that PC. Usually, the company pays another software company to bundle their installer into their own software. Some companies exploit Internet Explorer's ActiveX technology to install the software, often by fooling the PC's owner into believing it to be a necessary part of the web site.

The visitors of 1800contacts.com had adware installed which analyzed the content of their web site. Using that information, the software would pop up advertisements for competing web sites. Companies such as Gator/Claria and WhenU have created an entire industry based on this sort of parasitic advertising. The owners of many web sites consider their activities to be theft.

Utah's Spyware Control Act has not been signed into law yet by Governor Walker. Several internet companies have drafted a letter in an attempt to persuade Governor Walker not to sign the act into law.

The parties to the letter make a false argument claiming that the bill might interfere with computer security by preventing security companies from analyzing data about such things as virus attacks. That is, of course, absurd. The owner of a PC installs security software deliberately. Contrast that to Gator/Claria's methods of installation, which often leave the PC owner confused as to its origin.

Their real concern is that the Spyware Control Act makes it illegal to sneak software onto a PC, use it to collect and transmit information about that PC and its use and to generate parasitic ads based on the content of someone else's web site. This is a law which should be passed, albeit at a federal level, not state.

If someone enters into an informed agreement allowing such software to operate on their own property, that is their choice. However, to sneak this software onto someone's machine, someone's private property, in order to display ads which are themselves based on someone else's work is shameful and should be illegal. Your private property should not be used as a billboard without your express authorization or without your knowledge.

If you are a resident of Utah, please write to your governor and urge her to sign this bill into law.

Permalink | Top

Four of the nation's largest e-mail providers said on Wednesday they had sued hundreds of online marketers under a new federal law that outlaws the worst kinds of "spam" e-mail.

[snip]

Defendants falsified return addresses, routed their messages through other computers to cover their tracks, and used misleading subject lines like "important message from AOL," the lawsuits charged.

One group of defendants in Canada sent nearly 100 million messages to Yahoo customers in January alone and resold the e-mail addresses of those who asked to be taken off their mailing list, according to one lawsuit.

Eric Head, Matthew Head and Barry Head of Kitchener, Ontario, also tried to circumvent spam filters by including random, invisible text in each message, the lawsuit alleged.

[snip]

One privacy activist noted that Internet providers had ensured that the new [CAN-SPAM] law would prevent individual lawsuits, so their own marketing efforts wouldn't get them in hot water.

"Microsoft, AOL and Yahoo all send out vast quantities of e-mail, and they don't want to get sued," said Jason Catlett, president of the Junkbusters Corp. consulting firm. "There could have been thousands of litigants against spammers, not four."

Full article: http://www.reuters.co.uk/newsArticle.jhtml?type=technologyNews&storyID=4541588&section=news