jeffo

- from ZDNN, Larry Seltzer

OPINION: The controversial firm spent 10 years abusing users, suing security companies, defending itself in the press and court, and breaking promises to everyone. Luckily, this chapter of the software industry is over.

Contrary to rumors that it had been sold, Zango is now out of business. Some assets have been purchased by video search engine firm Blinkx, but the company itself has closed its doors.

Formerly known as ePIPO, 180solutions and Hotbar, Zango pioneered many of the most intrusive advertising strategies on the Internet. Despite its insistence that they were legitimate advertisers and listened to their customers, the company never was able to escape its reputation for installing without permission, refusing to uninstall and never quite explaining what it was doing to the customer. It's not clear that, even in the end, it abandoned these abuses.

Ben Edelman, Harvard professor and spyware researcher, was one of those who brought Zango's practices to light: "Zango never offered anything sufficient to compensate users for Zango's substantial intrusion onto users' PCs." The price for such information should be high, but "the little trinkets and doodads Zango offered were not enough." Much of what the company offered in exchange was easily available elsewhere for free. It also had a habit of redistributing content to which it had no clear rights.

In other words, it was a shady company. Throughout its history it was caught at a variety of sleazy activities, from ripping off its affiliates to displaying pornographic ads with no warning. To protest its classification as malicious, it sued or sent threatening letters to several security companies, including Symantec, Kaspersky and Zone Labs.

Pages: 1 2

Malware hunters at Symantec have discovered a direct link between a malicious file embedded in pirated copies of Apple’s iWork 09 software and what appears to be the first Mac OS X botnet launching denial-of-service attacks.

Writing in the current issue of Virus Bulletin (subscription required), researchers Mario Ballano Barcena and Alfredo Pesoli found two malware variants — OSX.Iservice and OSX.Iservice.B — using different techniques to obtain the user’s password and take control of the infected Mac machine.

The variants have been found inside bogus copies of iWork ’09 and Adobe Photoshop CS4 which were shared on the popular p2p torrent network. The author of the malware downloaded the original/trial versions of each program and introduced a copy of the malicious binary into the packages. Users who then downloaded and installed the applications from the torrent download would have been infected. It is estimated that thousands of people have downloaded the infected torrent files.

They describe this as the “first real attempt to create a Mac botnet” and notes that the zombie Macs are already being used for nefarious purposes.

The researchers pointed to this blog entry that describes a a PHP script, running as root, launching attacks against an unknown Web site.

The article goes into detail on the botnet’s peer-to-peer engine, startup and encryption capabilities and configuration file structure and concludes that the person who wrote the malware is not the same as the person who actually ‘used’ it.

“The code indicates that, wherever possible, the author tried to use the most flexible and extendible approach when creating it – and therefore we would not be surprised to see a new, modified variant in the near future,” the researchers added.

- from ZDNN by Ryan Naraine