|
Post by Gilby Admirer on Oct 27, 2002 18:14:33 GMT -5
www.msnbc.com/news/826033.asp?0na=x220F110-Oct. 25 — It’s part spam, part pop-up porn ad software, part computer virus, part e-greeting card — but a complete nuisance. Internet users are starting to complain to their anti-virus providers about a suspicious e-mail making the rounds that purports to be a harmless electronic greeting card. But trying to pick up the card has severe consequences: a copy of the e-card e-mail is sent to everyone in the recipient’s Outlook e-mail address book, similar to the worm-like behavior of the Melissa virus or the LoveBug. The incident highlights a disturbing trend: spam advertisers taking up tactics used by virus writers.
|
|
|
Post by Gilby Admirer on Oct 27, 2002 18:16:35 GMT -5
INTERNET USERS WHO receive an e-card in the next few weeks might want to think twice before opening it. A new kind of e-card, which requires installation of spam-generating software called Cytron, is making its way around the Internet. If you try to view a Cytron enabled e-card, you are likely to pester friends, family, and co-workers with e-mail and inadvertently send them toward porn Web sites. The Cytron e-card arrives with a harmless-sounding, personalized subject line: ”(Recipient) you have an e-card from (sender).” The message includes another personalized greeting, ”(Recipient) I sent you a greeting card. Please pick it up.” Then there is a simple link to Friendgreetings.com, which might sound like a normal electronic greeting card Web site. But users who click on the link and agree to install Cytron find their computer is hijacked and used to send out similar greeting card e-mails to everyone in the recipient’s Outlook address book. Later, they are treated to a small deluge of pop-up ads for porn sites. The Cytron e-greeting has been making the rounds for at least a week, but complaints started pouring in to anti-virus companies Thursday, and most issued some kind of warning late in the day. “We’ve gotten a few hundred calls over the last two days,” said Chris Wraight, technology consultant for Sophos. Trend Micro indicated it had received reports of 90 infections so far. IS IT A VIRUS? Anti-virus firms aren’t quite sure what to call the program, or what to do about it. Users who try to view the greeting card are warned that they must install new software and told in small print of the End User License Agreement that the program will access the installer’s e-mail address book. As a result, some firms have decided not to treat the program like a virus. Sophos, for example, issued a warning Thursday, but decided not to disable the program with its anti-virus software. Trend Micro’s David Perry thinks Cytron is a Trojan horse, however, and his firm decided to detect and disable it. Advertisement
“We’re hearing from both consumers and corporates who want it off their networks,” Perry said. “It basically doesn’t tell you what it’s going to do. It modifies your machine. It brings people to sites they don’t give permission to go to. We expect them to explicitly say (what the program will do).” Cytron president and CEO Richard Oliver didn’t respond to e-mail requests for interviews, but SecurityFocus.com reported earlier this week that Oliver admitted to the software’s tactics, and feels they can be justified. “I can name you about a hundred different companies, publicly traded companies, that are doing far worse than I am,” Oliver is reported as saying to SecurityFocus. “You’ve never heard of KaZaa, you’ve never heard of Morpheus, nobody’s ever heard of any of these file-sharing companies that put all kinds of software on your computer? ... Well, now you’ve heard of us.”
|
|
|
Post by Gilby Admirer on Oct 27, 2002 18:16:49 GMT -5
Hacks, Viruses & Scams • Blog site back up after hack attack • P2P hacking bill may be amended • Hackers target wireless networks In April, popular music swapping service KaZaa stirred controversy when it was revealed that millions of users had quietly been induced to install a second piece of software, FastTrack, that was designed to create a for-profit peer-to-peer network. At the time, some called FastTrack a Trojan horse. KaZaa later came clean about the download. And some apparently agree with at least part of Oliver’s logic — that Net users should be responsible for reading End User License Agreements. “I’m not sure why you would label this ‘a very underhanded marketing practice’ when the EULA clearly states what they will do and the user had to agree *twice* in order for it to work. Seems to me to be very upfront and above board,” wrote Paul Schmehl, a virus expert at the University of Texas. “It simply takes advantage of the tendency of many people to not read contracts before they agree to them, but you couldn’t argue that you were not clearly informed.” POSSIBLE DAMAGE TO REPUTATION Either way, the program’s tactics are clearly sneaky, and show a disturbing trend of spammers’ willingness to deploy tactics long used by virus writers. Perry said his company is regularly receiving reports from users who are complaining that their computer has been used to send unsolicited e-mail advertisements. In many cases, spammers have just faked return addresses, a technique known as spoofing. But it can be an alarming experience for an Internet user to receive a complaint from a stranger who has received pornography spam from their e-mail address. “It’s very distressing,” Perry said. “Reputation loss is becoming a bigger issue than data loss. If I lose my document, I can restore it. But if something goes off my machine and people think I am advertising porn, then my reputation is getting damaged, and my reputation is far more valuable.”
|
|