[media] Spyware Software Dubbed 'Ransom-ware'

Discussion in 'Spyware' started by Bear Foot, Jun 1, 2005.

  1. Bear Foot

    Bear Foot Guest

    http://www.internetweek.com/163702422;jsessionid=4WXYT4EQKNIZOQSNDBCCKHSCJUMEKJVN

    or

    http://tinyurl.com/98b6m

    An apparently bogus anti-spyware tool is the newest addition to the
    expanding "ransom-ware" category of malware, Panda Software said Tuesday.
    Ransom-ware, the term some have slapped on malicious code that infects a PC,
    then demands money in return for cleaning up the machine or unlocking
    suddenly-encrypted documents, is just another example of how hackers are
    increasingly driven by greed, Luis Corrons, the director of Panda's research
    lab, said in a press release. Now, said, Corrons, a purported anti-spyware
    product, SpywareNo, joins the list of ransom-ware.

    Surreptitiously downloaded when users visit certain porn or pirate Web
    sites, SpywareNo exploits vulnerabilities in Microsoft's Internet Explorer
    to get onto a PC. Once it installs itself, it creates an icon on the desktop
    and displays a bogus warning that the system's infected with spyware,
    Corrons said. (It also modifies the Windows Registry to guarantee it runs
    every time the PC is started, even after the user thinks he's managed to
    manually delete the program.)

    The warnings are as fake as a $3 bill.

    The on-screen alert invites users to purchase the full version ($20 for a
    month's subscription, $60 for an annual plan); only those who pay the ransom
    see the "threats" disappear.

    "If users fail to register, this commercial software will 'detect' threats
    that don't actually exist on the computer, and which will 'disappear' as
    soon as users pay for the product," said Panda in its own warning.

    In a release posted to the Spyware Warrior anti-spyware message forum,
    someone claiming to be the public relations manager for SpywareNo took
    exception with the ransom-ware categorization, and blamed the
    drive-by-installs on out-of-control affiliates.

    someone
    identifying herself as Jessica Simmons. "The competition is very very hard.
    That is why we direct all our efforts to development itself and have no time
    and power to advertise our products effectively. We use affiliated
    advertisers to do this. This is an easy way for us. This way is a very
    dangerous though. It is a shame that some of our advertisers do not respect
    the law, but unfortunately we are unable to check them all at the initial
    stage." (bullsh*t)

    The poster went on to say that SpywareNo "does not install silently or
    without permission," and that any such instance is due to "those
    unprincipled advertisers." (of course it's someone else's fault... it's your
    software!)

    <snip>
     
    Bear Foot, Jun 1, 2005
    #1
    1. Advertisements

  2. What a crock! These people and all those involved with creating and
    distributing spyware / adware deserve to catch a beating on a scale of
    the whipping scene from "Passion of the Christ".
     
    Phil Indablank, Jun 1, 2005
    #2
    1. Advertisements

  3. <snip>

    a Great reason to avoid using Internet Exploder like the plague!

    ~~~~~~~~~~~~~~~~~~~~~
    This message was posted via one or more anonymous remailing services.
    The original sender is unknown. Any address shown in the From header
    is unverified. You need a valid hashcash token to post to groups other
    than alt.test and alt.anonymous.messages. Visit www.panta-rhei.dyndns.org
    for abuse and hashcash info.
     
    Anonymous via Panta Rhei, Jun 2, 2005
    #3
  4. <snip>

    a Great reason to avoid using Internet Exploder like the plague!

    ~~~~~~~~~~~~~~~~~~~~~
    This message was posted via one or more anonymous remailing services.
    The original sender is unknown. Any address shown in the From header
    is unverified. You need a valid hashcash token to post to groups other
    than alt.test and alt.anonymous.messages. Visit www.panta-rhei.dyndns.org
    for abuse and hashcash info.
     
    Anonymous via Panta Rhei, Jun 2, 2005
    #4
  5. <snip>

    a Great reason to avoid using Internet Exploder like the plague!

    ~~~~~~~~~~~~~~~~~~~~~
    This message was posted via one or more anonymous remailing services.
    The original sender is unknown. Any address shown in the From header
    is unverified. You need a valid hashcash token to post to groups other
    than alt.test and alt.anonymous.messages. Visit www.panta-rhei.dyndns.org
    for abuse and hashcash info.
     
    Anonymous via Panta Rhei, Jun 2, 2005
    #5
  6. Bear Foot

    Charani Guest

    You're being too kind!! I can think of far better/worse punishments
    but at this time in the morning, I'll leave it to your (and others)
    imaginations.

    In all seriousness, I totally agree. I've never heard such a load of
    garbage spouted but it's typical of their kind. Unfortuntely there
    are still an awful lot of innocent/naive/gullible people out there who
    will be conned by the phoney assurances.
     
    Charani, Jun 2, 2005
    #6
  7. Bear Foot wrote:
    yadda yadda good stuff snipped ;)
    Found the thread in question, interesting read if anyone is up for it:
    http://www.broadbandreports.com/forum/remark,13438487~mode=flat~days=9999~start=20
     
    Anti_Freak_Machine, Jun 2, 2005
    #7
  8. Bear Foot

    Joe Guest

    Do not doubt that the anti spyware pushers are releasing these viruses
    to market their product.
     
    Joe, Jun 4, 2005
    #8
  9. Bear Foot

    YoKenny Guest

    Anonymous via Panta Rhei typed:
    A great reason to avoid advice from people using Anonymous remailers!
    They are too chickenshite to use the Internet.
     
    YoKenny, Jun 19, 2005
    #9
  10. Bear Foot

    John Bokma Guest

    Usenet. And while you're at it, learn to quote. Oh, wait, you probably
    won't.
     
    John Bokma, Jun 19, 2005
    #10
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.