I have spent at least five hours recently, over the phone and on site, fixing computers that have been infected, not by viruses because I have got family and friends to install antivirus software like NOD32, but by spyware !
Annoying pop-up messages that often sound scary to novices, “You have been infected by spyware” “you must download this software”… And they are real pains to get rid of. You either have to install Spyware removal software, that have twice in my experience crashed the computer, or manually search and destroy (sorry remove) !
I just don’t understand, like with Spam, why there isn’t more done against people that advertise through this medium. A practice that can also result in seriously damage people’s lives when hackers take advantage of this to take the issue one step further…
Ads can be served to you by reputable web sites, that are unaware of the malicious intent behind the spyware installing companies, engaging in this type of business. Ads like these suddenly pop-up on your computer sometimes before you have even typed anything in the browser :
An article at the washingtonpost.com’s Security Fix discusses a recent spyware campaign and does a great initial job of researching the people behind the so called DeckOutYourDeck ad. This extract explains how the iDefense analyst Michael La Pilla followed as far as possible the security flaw that comes from the images in the Windows Metafile format :
Using software that captures and analyzes Web traffic, La Pilla found that the installation program contacted a Russian-language Web server in Turkey that tracks how many times the program was installed, presumably because most of this adware is installed by third parties who get paid for each installation. The data there indicate that the adware was installed on 1.07 million computers, La Pilla said, adding that all seven of the Internet addresses contacted by the downloader Trojan appear to be inactive at this time.