The folks responsible for spyware are constantly looking for new ways to get their programs onto your computer. Windows XP Service Pack 2 continues to be reasonably safe, although it will not prevent you from things you do voluntarily. Don’t install unnecessary programs or free software unless you are 100% convinced that it is not harmful!
A new twist involves video files that bring up phony requests for Digital Rights Management licenses. When you download one of these videos and attempt to view it on a computer that is not running Service Pack 2, a popup window claims that a program is required to view the video; if you agree, your computer is directed to a web site that proceeds to install literally hundreds of adware programs.
Here’s an article describing the result.
“On a fresh test computer, I pressed Yes once to allow the installation. My computer quickly became contaminated with the most spyware programs I have ever received in a single sitting, including at least the following 31 programs: 180solutions, Addictive Technologies, AdMilli, BargainBuddy, begin2search, BookedSpace, BullsEye, CoolWebSearch, DealHelper, DyFuca, EliteBar, Elitum, Ezula, Favoriteman, HotSearchBar, I-Lookup, Instafin, Internet Optimizer, ISTbar, Megasearch, PowerScan, ShopAtHome Select, SearchRelevancy, SideFind, TargetSavers, TrafficHog, TV Media, WebRebates, WindUpdates, Winpup32, and VX2 (DirectRevenue). (Most product names are as detected by Lavasoft Ad-Aware.) All told, the infection added 58 folders, 786 files, and an incredible 11,915 registry entries to my test computer. Not one of these programs had showed me any license agreement, nor had I consented to their installation on my computer.”
The interesting thing is not this particular attack – there’s no special reason to be afraid of watching videos on your computer. Rather, the author goes on to look at the likely sources of the adware and some of their financial backing – and sadly, there are respected companies and big money funding many of these scum.
“Other companies partially responsible for these practices are the providers of the unwanted software — companies that pay commissions to distributors foisting their software onto users’ computers. In general there’s no reason to expect honorable behavior by providers of unwanted software. But some of the programs I received come from big companies with major investment backing: 180solutions received $40 million from Spectrum Equity Investors; DirectRevenue received $20 million from Insight Venture Partners; and eXact Advertising (makers of BargainBuddy and BullsEye) received $15 million from Technology Investment Capital Corp. With so much cash on hand, these companies are far from judgment-proof. Why are they paying distributors to install their software on users’ computers without notice and consent?”