Threats latch onto free programs

Trend Micro warns of menacing software lurking in downloads

  • E-Mail
By  Published  November 25, 2006

Users need to be more careful when running seemingly harmless software programs such as screensavers and other ‘free’ programs they download, security firm Trend Micro warned at last week’s Gitex event.

Affiliate software programs that distribute software alone or bundle it with other software are more menacing then ever before, warned Justin Doo, regional director of Trend Micro.

Doo claimed that bundled applications that display pop-up ads could redirect web searches and access to web merchants, attempt to close anti-spyware software and install modifications to Internet Explorer. Once a screen saver is installed, it can then install an array of new applications without the user’s knowledge. Running all at once in the background, these can slow down the machine to the point where it is virtually unusable.

“With the recent changes in the structure of affiliate networks, there is now a new model of spyware installations,” said Doo. “The result is that those with little or no programming experience can now bundle as many new-breed affiliate networks together as possible.

“This spells top dollar for the distributor, but for the unfortunate end user it means their PC is likely to slow down to an unusable state — and possibly crash,” he predicted.

He used the example of a free screensaver which is listed in response to search queries for the singer Jessica Simpson and is distributed by a number of sites. It comes with a hidden cost, Doo claimed.

That is because it is bundled with a “witches brew” of Trojan horses, undisclosed adware, spyware and a stealth dialer program such as WebHancer, NewDotNet and Ezula.

“It is interesting that, if you perform a Google search for ‘Jessica Simpson screensaver’, one of the sponsored links that is returned installs Zango, an adware application, and the MySearch toolbar, a browser helper object that is commonly bundled with adware,” said Doo.

“This means that someone ends up paying the Google AdSense fee for the sponsored link. Then money is made back by installing the adware from the website to which the user gets directed,” he stated.

AdSense is an ad-serving program run and administered by Google which generates reve- nue on either a per-click or per-thousand-impressions basis.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code