Results 1 to 3 of 3
January 27th, 2003, 05:01 AM #1
- Join Date
- January 17th, 2005
September 5th, 2006, 05:32 PM #2
Is StumbleUpon legit or parasite?
- Join Date
- January 18th, 2005
While reviewing my log files, I've discovered that one of my affiliates is drawing a significant amount of traffic from "StumbleUpon.com," which is a toolbar. There is no WHOIS or other valid contact info for the company, so I can't tell if the affiliate is a related entity, or might merely be paying their per-click fee for traffic.
All I see here on ABW are some very ancient threads with no clear evidence or proof. (Since I'm having erratic computer problems already this month, I am not interested in trying to install the toolbar and see what it does.)
September 5th, 2006, 08:04 PM #3
Everytime you start up your browser, this bho automatically adds itself to IE's list of trusted sites... that means it has permission to run applications, in the fore and background, that install other applications and browser extensions.
SU's domain is privately registered. Not a crime or even indicator of guilt, but ask yourself why a legitimate company (I'm not referring to individual affiliates and citizens here!) would need to mask their true identity....
Eric Howes, a very well respected adware and spywar researcher (who builds / maintains IESPYAD) has listed the stumbleupon.com domain as a restricted site (one's that his and similar safety wear will block people from visiting because it is known to be associated with downloads of malicious software).
SpySweeper and SpyBot Search & Destroy both detect and remove it. CastleCops says it's a legit BHO. Unfortunately, most testers look at what an app does as part of it's routine operations, not lengthy investigations of what other apps it may subsequently permit installation of. Trojan activity begins with getting permission and legitimacy. There's no sound reason why this BHO should add itself to a browsers trusted sites list.
A dated run-in with removing it:
Microsoft's AntiSpyware flags it as a threat, but doesn't auto-quarantine it.
These guys are good at pushing the limits to the point just short of being tagged as bad. Read their terms of service and you'll see the clauses that allow collection of data and its purposes.
And be prepared to be monetized with downloads that will follow, as time passes, because it establishes itself as not being bad... then can act as the doorman for many unexpected things.
If you do further research, you'll many many instances of researchers downgrading this app from dangerous / aggressive to benign / low-level threat. It's still adware and still has some suspicious traits that should concern you, but not alarm you.
By KeepingItClean in forum ShopatHomeSelectReplies: 2Last Post: October 16th, 2011, 02:10 PM
By Trust in forum Programming / Datafeeds / ToolsReplies: 8Last Post: June 19th, 2008, 09:18 PM
By John Kruger in forum Midnight Cafe'Replies: 1Last Post: November 4th, 2002, 04:33 PM