Adware Vendor Tries To Dance Around Sneaky MySpace Installs

from the blame-anyone-else dept

Earlier this week, we noted that adware/spyware vendor Zango (formed out of the merger of two widely disliked adware firms) apparently had someone trying to convince MySpace users to add videos to their site that also just so happened to install some of their adware. It did give users a popup, but as the original security researcher noted, it wasn't clear that the popup was from Zango rather than MySpace -- and many users would just click it to see the video, not realizing they would be installing adware in the process. In fact, it seemed particularly egregious to push these videos on MySpace users, urging them to include the videos on their own profiles as a sort of free distribution force. At first, it seemed likely that this was yet another rogue affiliate that the company had promised were a thing of the past. Instead, it turns out that it was the company's own employee doing this -- in violation of MySpace's terms of service. The company admitted it was a mistake on an individual developer's part (blame the employee!) and then proceeded to basically attack the researcher who brought this mistake to their attention.

The researcher, Chris Boyd, hits back today with a detailed response pointing out the inconsistencies and ridiculous statements from Zango. First of all, it's amazing that they would make him out to be part of the problem, when all he did was point out to them what their own employee had done. Second, their claim about how the little popup they shove at people is perfectly clear is doubly amusing when you realize that they didn't even bother to read MySpace's own terms of service in setting these pages up. If they don't read the legal language when they see them, why do they expect everyone to read theirs? Furthermore, the company later admits that if it hadn't been an employee, but other users who went out and pushed these videos-with-adware through MySpace, they'd be perfectly fine with it. Given the company's long history with surreptitious installs and blaming security researchers every time they highlight yet another problem with the company's practices, is it really any surprise that this is happening?


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    kantankerus, Jul 12th, 2006 @ 5:56pm

    here is a big stick

    people deserve what they get
    or is it
    people get what they deserve

    i get so confuzzled

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Jul 12th, 2006 @ 6:15pm

    ban them from teh intarweb

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Jul 12th, 2006 @ 6:21pm

    i was infected with this. tough to remove. ended up reformatting because it will reinstall it's self

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Sean, Jul 12th, 2006 @ 6:24pm

    lol.

    Anyone should know that if a Popup comes up, to close it instantly. If you are too stupid to know this, gtfo the Internet.

    But also, Adware companies and Spyware ones, NEED TO DIE. They piss me off more than the idiots who get their Spyware.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    kjpweb, Jul 12th, 2006 @ 6:28pm

    What do you expect?

    Well - as long no one really intervenes - sure they are going to place their crap wherever they find a place that they can get their hands on.
    Take them to cleaners each and every time or even better - outlaw Spyware/Adware and place them in the same category as Viruses.
    Make installing of software on users computers without clear consent a fellony. Elevate it to the status of breaking and entering - what it essentially is.
    If there is no money to be made without the risk of incarceration - they will simply dry out and fade away.
    And what MySpace is concerned - if they were fortifying again known threats, TOS violations - things like that could be easily detected. It is quite funny - that a 3rd party has to make them aware...

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    kjpweb, Jul 12th, 2006 @ 6:35pm

    An afterthought

    Addendum to "What do you expect?"
    And why not take the manufacturer of products and those who offer the services pushed by Spy/Adware and have them take the heat, too. If you advertise and pay money for it - you KNOW EXACTLY - what you are paying for.
    So they share the responsibility and should share the consequences - the harder - the better.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Whateva, Jul 12th, 2006 @ 6:36pm

    Re: lol.

    Anyone should know that if a Popup comes up, to close it instantly. If you are too stupid to know this, gtfo the Internet.

    Sean, do you honestly believe that ANYONE who uses the internet and clicks on a popup is stupid and is somehow unworthy of using it? Do you have kids Sean? Older relatives or friends? It happens. Insulting the victem is not the way to go. Adware and Spyware are prevalant because they use highly deceptive techniques. But go ahead believing that anyone not as smart as you needs to "GTFO the internet". You're the kind of guy that would condone date-rape. "She should've known better."

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    John, Jul 12th, 2006 @ 6:59pm

    what doesn't kill you??

    I suppose that these instances where spy/mal/ad ware infects our personal confusers without our permission or interaction, will toughen us and make us aware that "teh interweb" isn't a safe place. IMHO there should be legislation passed to punish these kinds of invasions. What would you do if someone installed an advertising banner on your car or house? BTW - Sean - I agree with whateva - take it easy on the innocent clickers, even I accidentally click on these sometimes (that's why I don't run as ADMIN)

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    kantankerus, Jul 12th, 2006 @ 7:00pm

    i made a lot of money off of HAPPY99

    and i realized a long time ago Zango was a zinger. And i am not going to even get involved this time.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    firemeg, Jul 12th, 2006 @ 7:14pm

    Shooting itself in the head...

    Myspace is shooting itself in the head here. Parents are already pissed about their under-16 year olds using the site, legislators are up in arms about it, Christian groups are having fits.... Now isn't the time to put this crap on their site, and certainly not a good idea to condone the "accidental" placement of the pop-ups.

    Any press is good press might not hold true here. If parents who are a bit educated about the internet find out about this, is will be one more reason to keep their kids off Myspace. I know the thought of having to reformat my computer is another good reason to not allow my teenager on the site.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    charlie potatoes, Jul 12th, 2006 @ 7:26pm

    Zanger

    I used Bear Share for a long time. It was great.. then a while back it began to act funny...yada yada yada, i reinstalled and lo and behold I had Zanger all over my pc.
    Then they had the balls to tell me this was the price I had to pay to keep Bear Share...i reformatted to get them off. fuck, is this a great country or what? ass holes can legally vandalize my property...
    surely one day in the future they will manage to gore the ox of some congressman and we will see our legistators in action...I get chills just thinking bout it.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    A chicken passeth by, Jul 12th, 2006 @ 7:51pm

    Anyone should know that if a Popup comes up, to close it instantly. If you are too stupid to know this, gtfo the Internet.

    Well, that's good advice and all, but there's some stuff today that CAN circumvent this technique. I suppose you haven't seen WinFixer, ErrorSafe and their clones yet.

    What they do is code their download/page open/install events around the WindowClosing event as well (even going to the extent of catching the ALT-F4 or the End Task - Browser), so you can't escape _unless you disconnect from the internet_ or you outright disable all java/css/scripts in the first place.

    And once you do, you'll never be able to post in a place like this unless you re-enable them, which places you in danger... again.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Jul 12th, 2006 @ 8:36pm

    Where do u find such pop-ups as these? Only place i could guess is all those porn sites ppl enjoy looking at.... I havent run into any of these horrible pop-ups for a long time...

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Brandon, Jul 12th, 2006 @ 8:48pm

    hmm i never get popups... GOGO Fire Fox!

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Serta, Jul 12th, 2006 @ 8:54pm

    The Answer.

    I also haven't seen any of these pop-ups in a long time...since I quit using Internt Explorer.
    And that is the answer, install Firefox and refrain from using IE at all costs...Amen.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    A chicken passeth by, Jul 12th, 2006 @ 8:57pm

    Where do u find such pop-ups as these? Only place i could guess is all those porn sites ppl enjoy looking at.... I havent run into any of these horrible pop-ups for a long time...

    I, too, thought that these idiots would stay at the questionable sites. But I found out I was wrong 2 days ago.

    Google ErrorSafe and see which forums are complaining. Apparently an advertiser sneaked this POS into one of their Ads in the rotation. When that ad displayed: BOOM, popup heaven and a hell lot of angry ImageShack, LiveJournal and WoW Forum users.

    Sure, the ad has been removed, but for some users the damage is already done.

    I caught ErrorSafe last week and had a hell of a time removing it. Guess where I found it? Imageshack. Of all places. Unless a site isn't ad-supported, you WILL be in danger even if the site IS legit.

    Tread carefully!

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    A chicken passeth by, Jul 12th, 2006 @ 8:59pm

    BTW: I caught ErrorSafe while using FireFox. I've since put it in my adblock list; it didn't come from Errorsafe.com so it wasn't caught in the first place. Meh.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    steve-o, Jul 12th, 2006 @ 10:35pm

    Re: LMAO!!!!

    LMAO...Awesome, i feel the same way.They need to DIE!!!!

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    10pound, Jul 12th, 2006 @ 10:45pm

    crap cometh, crap goeth

    4 things ya need

    1. Firefox, opera or lynx if your whey nerdy
    2. some common sense and web awareness
    3. Adware/malware detect kits
    4. a rootkit detector of some sort (like blacklight)

    Oh crap, my bad, one more thing

    a rope..........so we can string these jumping fucking shitbags up by their bozacs.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Nofreakingway, Jul 13th, 2006 @ 1:01am

    Re: Format???

    I can't believe someone actually formatted thier PC because of this. I'm sorry, but if you don't know how to remove adware without simply reformatting, maybe it's time to leave the computer alone until you have a clue as to what you're doing with it.

    Besides, YOU are half of the problem, seeing as you actually clicked on the damn popup in the first place. Yet another reason to license people to get online....

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    A chicken passeth by, Jul 13th, 2006 @ 1:11am

    but if you don't know how to remove adware without simply reformatting, maybe it's time to leave the computer alone until you have a clue as to what you're doing with it.

    I think that's an unfair accusation, especially after having to deal with an Apropos infection that F***'d up a Norton Antivirus install so bad that it will never run properly ever again (BSODs with IRQL_NOT_LESS_THAN on system start unless running in safe mode), even with all the spyware code gone, even after a reinstall, even after a wipe with SymNRT.

    I stopped short of reinstalling only because the boss didn't want to go through the trouble of reinstalling everything on his family laptop. I gave him AVG in the end, but the point is some issues simply require reinstalling no matter how you look at it.

    I do agree with you about the license to surf thing, tho... the Boss's son just gave me 2 straight days of unpaid overtime.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Sanguine Dream, Jul 13th, 2006 @ 6:30am

    Why...

    aren't ad/mal/spyware illegal? Let's I come to your house right after you move in and introduce myself as a neighboor but when you let me I spray paint graffitti all over the inside of your house. Not only will you beat the daylights out of me but you can have me arrested too.

    Just like ad/mal/spyware I acted under false pretense to trick you into letting me do what I want. So why is it that one will get me arreseted while the other won't? Your home and your PC are both actual physical property so there's not argument there. The government is trying regulate the internet (like tyring to ban online gambling and social websites at school) but none of the politicians say anything about ad/spy/malware.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    grammar police, Jul 13th, 2006 @ 6:32am

    Re:

    for a guy who continually corrects people for grammar mistakes, "it's self" is about the most blatant error i've seen on techdirt. well done, hypocrite.

    it's = it is
    its = it (possessive)

    itself = what you should have used.
    thus endth the lesson

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    A chicken passeth by, Jul 13th, 2006 @ 9:27am

    @Sanguine:

    I actually asked the same question about SPAM all those years ago. Then I realised one thing.

    I noted that industries used another name for SPAM. It's called mass-mailing. According to the industry, it's completely different from SPAM and as such is "not illegal" unlike spam. It was only much later that mass-mailing was seen as SPAM, and companies started moving away from it.

    If you look at the whole spyware thing, you'll notice that spyware quacks and waddles a lot like viruses. Here's the truth: spyware uses virus technology to spread; in effect spyware IS a type of computer virus. It's the industry trying to come up with a separate term to confuse people and cover their tracks.

    They aren't completely successful in severing the virus link, tho. Up to now they still haven't decided whether a trojan is a virus (as it once was) or spyware (as some of them are now classified as).

    Don't be fooled, they're all viruses. The ones who programmed them are just using legal loopholes, and they are continuing to use legal loopholes now... look at the way corporations are clamouring for the erosion of user privacy and locking down of their viral source code.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Chris G, Jul 13th, 2006 @ 10:07am

    Re: The Answer.

    Firefox alone will not stop pop-ups. Nor will any browser itself.

    Your best option is to use a browser with a pop-up blocking feature and on top of that, use a extension/plugin such as NoScript, allowing only those scripts to run that you approve.

    No amount of protection; pop-up blockers, spyware/adware/virus removal and protection programs or firewalls will provide adequate protection. That is fact and always will be. If anyone says using any one or more peices of software will be all the protection you need I suggest you tell them they are better fit for working at their local McDonalds.

    Common sense is always your #1 form of protection. With that, you can protect yourself without any software or additional hardware forever. (We have not hit the point that users are that smart though). It's sad that most people with any level of IT knowledge are also too stupid to know how to protect themselves and on top of that claim they know everything or have the ultimate solution over every one elses.

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Caoboy, Jul 13th, 2006 @ 11:38am

    Re: Re: Format???

    You do know that there are many programs out there can just kill the comp outright and destroy any priveledges you have to access the compy. I have reformatted my compy numerous time to get rid of certain adware programs.

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Anonymous Coward, Jul 13th, 2006 @ 12:12pm

    I got Zango and easliy removed it via my add remove programs...am I missing something here?

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    A chicken passeth by, Jul 13th, 2006 @ 6:13pm

    Well, you missed the fact that it phones home and installs without your knowledge.

    The spyware I have mentioned earlier has NO ENTRY in add or remove programs btw.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Franssu, Jul 14th, 2006 @ 10:55am

    Re: Why...

    Because social networks are made for perverts, gambling is bad, but ad/spyware is just advertising business.

    And business = good.

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    ashley, Oct 17th, 2006 @ 8:25am

    heyy baby

    heyy baby wad up wat u doin i yavz u

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    matt, Mar 20th, 2007 @ 6:59am

    na

    fgfghsfffff

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    jiggaboooooo, Mar 29th, 2007 @ 1:31am

    jiggabooo'z

    i h8 jiggaboo'ssss

     

    reply to this | link to this | view in thread ]

  33.  
    identicon
    KKK, Mar 29th, 2007 @ 1:34am

    KKK

    I wanna burn u niggas on the cross u dirty bastards!!!!!! Ahhhhh Die !!!! if i had ur dad i would have ur mom 2 Go and Blow ur dad!!!!! HAHAHAHA I am the dorning of a new age!!! start a WHITE REVOLUTION¬¬¬¬¬!!!!!!!!! ;-)

    All my love KKK man

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    jaun, Aug 29th, 2007 @ 2:31pm

    fuck that!!!!!

    fuck the kkk!
    yall are just a bunch of white losers!
    lol
    hahahaha!
    it just makes me laugh

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This