Results 1 to 5 of 5
  1. #1
    ABW Founder Haiko de Poel, Jr.'s Avatar
    Join Date
    January 18th, 2005
    Location
    New York
    Posts
    21,609
    Originally Posted but Curt from ThiefWare
    On another board.

    quote:

    Mike Healan, one of the moderators at Ad-Aware has informed me that RadLight 3.03 R5.2 software is uninstalling Ad-Aware components so that your copy of Ad-Aware can't delete this software. It's a new level of thiefware crossing over into Trojan virus land. RadLight also comes bundled with WhenU's SaveNow application.

    What is RadLight?
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    RadLight plays high quality DivX compressed movies and other multimedia files, like MPEG-I and VideoCD formats. RadLight supports multi-language audio.

    For more information see this forum thread:
    http://forums.thiefware.com/cgi-bin/...6c66714ffff;ac
    t=ST;f=5;t=7

    Be sure to get the latest Ad-Aware version at:
    http://www.lavasoft.nu/aaw.html

    It is immune to RadLight attempting to remove it.



    Haiko

  2. #2
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    These were the posts that caused the hackers to strip spyware/parasite adware from Morphous -Grockster and Ezula and post the CLEANED versions across the P2P networks. Forced the owners of the parasite programs to come out from under their rocks ( some offshore island tax shelter country near Australia) and cry foul play!!

    Seems they don't take kindly to folks who devise ways to defeat their intentional removal of anti-scumware programs or CLEAN their money traps.

  3. #3
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    That would be this thread on ABW I posted a couple of weeks ago? [img]/infopop/emoticons/icon_smile.gif[/img]

  4. #4
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    You earned your cow spots on that one dynamoo and I don't consider the 4 hours browsing the subject wasted. Someone should hang these programmers or make them party to the law suits.

    Michael Jackson love monkey coders and once commented:
    "I suppose if you put 100 monkeys in a room with 100 typewriters, they'd eventually write War and Peace...or scumwarez

  5. #5
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    The Salon rag shows up with something interesting...
    "May 7, 2002 | Looking for state-of-the-art Internet skulduggery? Try this: Thousands of unsuspecting visitors to a family entertainment site are discovering a cornucopia of unwanted, potentially malicious software on their computers -- the result of a pop-up ad campaign, a booby-trapped Web site, a compromised Web browser, and strange doings at a shadowy Los Angeles company.

    The story starts at Flowgo, a site that prides itself as the leading family entertainment portal. According to officials at eUniverse, the California firm that operates Flowgo, a pop-up ad that ran at the heavily trafficked humor site for a couple of weeks until late April caused the trouble.


    The ad, purchased by a Los Angeles Internet marketing firm named IntelliTech Web Solutions, was designed to automatically redirect visitors away from Flowgo (no mouse click required) and to dump them at a booby-trapped site called KoolKatalog.

    Once at KoolKatalog, visitors were invited to feed an e-mail address into a digital slot machine created in the Shockwave animation format. Solve the puzzle faster than anyone else, and KoolKatalog would send you a swell prize!





    Concorde: The most sensual of airplanes in 'Masterpiece' presented by Lexus







    In the nanosecond it took most people to recognize the obvious junk mail trap, the real damage was already nearly done. According to virus experts, code in the pages at KoolKatalog exploited a known flaw in an old version of the Java engine of Microsoft's Internet Explorer browser to covertly download the first of 10 files onto visitors' computers.

    KoolKatalog is currently inacessible, but its domain name was registered by an IntelliTech employee and the phone number listed in the privacy statement at KoolKatalog is the number for IntelliTech Web Solutions. Phone messages left with the receptionist who answered at that number were not returned.

    A contrite spokeswoman for eUniverse said IntelliTech's automatic redirects violated its ad policy, and eUniverse pulled the pop-ups as soon as it learned what was happening. Flowgo has achieved its success, she said -- and helped earn its publicly traded parent several quarters of profitability -- by taking great care to protect the safety of its visitors.

    But according to virus experts, tens of thousands of Internet users have been back-doored by the KoolKatalog-distributed "malware," which they have added to their lists of malicious code for scanning.

    "When you exploit a security bug to get your program onto someone's PC, you've crossed the boundary into what we consider malicious," said Craig Schmugar, a researcher with McAfee, which refers to the KoolKatalog-served payload as Downloader-W.

    While researchers have not yet completely decoded all functions of the programs, they say two of the files, BVT.exe and ABSR.exe, attach themselves to victims' browsers and covertly monitor which sites they visit. Other components, including a file called AUSVC.exe, appear to enable the program's authors to secretly send updates or other files to the infected computer.

    What's more, the install program, a file called CoolStuff.ocx, checks to see whether the victim is running a firewall, and terminates if it finds one. If no security software is monitoring outbound network connections, the installer grabs other files from one of two IntelliTech Web servers, online1net.com and wwws1.com.

    "Somebody took a lot of time and attention to create this. There's a lot of error checking and careful programming in there," said Vincent Weafer, director of Symantec's virus research lab. Backdoor.Autoupder, as Symantec calls it, quietly made the software firm's list of the five most-prevalent viruses in April."

  6. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Hello to Everyone Have you ever heard of this?
    By trcyph in forum Midnight Cafe'
    Replies: 5
    Last Post: January 5th, 2008, 03:09 PM
  2. Has anyone heard more about CJ...
    By mweidner2782 in forum Midnight Cafe'
    Replies: 2
    Last Post: August 28th, 2007, 01:01 AM
  3. Radlight Media Player
    By Dynamoo in forum Suspicious Activity!
    Replies: 5
    Last Post: April 26th, 2002, 07:46 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •