informa
/
Feature

Spyware And Adware Continue To Plague PCs

More businesses deploy anti-spyware apps, while efforts to control the parasitic code are widening as watchdog groups employ new tactics and law enforcement cracks down on suspects.
180solutions' problem was that it paid others to distribute that software and didn't make sure its distributors had people's permission. The company has more than 5,000 affiliates--it calls them Web publishers--that are paid to place adware on computers and are responsible for 90% of its adware downloads. Until a year ago, 180solutions used distributors to sign up affiliates. Last year, it severed relations with six of its distributors, acquired a seventh, and started using an automated system to manage affiliate relations. The company now deals directly with its affiliates and vets each one by requiring banking and payment histories and checking each Web site to see if it meets 180solutions' standards, Baur says.

Serious Threats bar chartThe company makes money from advertisers, mostly direct marketers that pay to have pop-up ads appear on users' computers, often when the adware software detects the consumer perusing a competitor's E-commerce site or seeking services and products similar to those offered by the advertiser. Based on the contract, 180solutions is paid per view or, when a purchase is made through the ad link, per acquisition.

180solutions says its user base numbers more than 20 million, and its revenue last year topped $50 million. The company says it spent $2.5 million on software--known as S3 for Safe and Secure Search--that's supposed to keep affiliates from surreptitiously installing 180solutions software on users' PCs, but it's not perfect. Co-founder Ken Smith, writing in a blog, blamed the recent failure of the software to prevent unauthorized downloads on his company's detection and reporting mechanisms, not the S3 technology.

Skeptics aren't buying it, and they're trying to pressure advertisers not to use 180solutions. "We want to give fair notice to companies thinking about advertising with 180solutions that they keep this in mind," says Schwartz of the Center for Democracy and Technology. Azoogle, one of the largest third-party online ad networks, heeded that advice and terminated its relationship with 180solutions this month.

Adware makers need to rein in out-of-control affiliates. In January, according to the Justice Department, Jeanson James Ancheta confessed to using servers he controlled to transmit malicious code over the Web to scan for and exploit vulnerable computers, redirecting thousands of PCs to an Internet Relay Chat channel that he controlled. Ancheta generated $60,000 in advertising affiliate earnings by directing more than 400,000 infected computers to servers he controlled where adware he had modified was surreptitiously downloaded. Ancheta also admitted to commandeering computers to create botnets--or robot networks--to launch denial-of-service attacks and transmit spam. He also earned about $3,000 from selling access to his botnets.

Serious Business
Among Ancheta's victims were the Weapons Division of the U.S. Naval Air Warfare Center in China Lake, Calif., and the Defense Information Systems Agency, the combat support unit responsible for IT and communications. The 20-year-old agreed to pay $15,000 to the two Defense Department units as restitution and forfeit all proceeds from his illegal activity, including $60,000 in cash, his computer equipment, and a BMW. He faces up to 25 years in prison; a federal judge will decide sentencing on May 1.

Adware provider WhenU.com doesn't use affiliates, but it, too, has had to change some practices. When CEO Bill Day, one-time head of the search site About .com, joined WhenU as CEO in 2004, one of his first actions was to stop marketing its software through banner ads on Web sites, for which WhenU paid the site operator a fee per download. Customers of WhenU's newer pop-up ads include ABC, which last fall used WhenU to promote two new shows, Invasion and Commander In Chief.

It's possible that adware could shake off its troubled youth and become a legit form of advertising--even if, like telemarketing, it's never exactly loved. Day notes that advertisers pay WhenU only when users click on ads, a model similar to that used by paid-search companies like Google and Yahoo. Users get only about an ad an hour, maybe less, says Day, who claims 10 million to 15 million users and growing revenue.

If adware cleans up its act, it might eventually get the likes of the Center for Democracy and Technology off its back, and it could become a viable way for people to get content free. But that won't necessarily help business IT people, who still will have one more potentially risky and bandwidth-eating software program to keep off their networks.

Fight Back bar chartDefining The Problem
It's not just adware companies feeling the backlash. The Australian media has had a field day reporting that skier Dale Begg-Smith, who won a gold medal in the 2006 Winter Olympics in the men's mogul event, was once a spyware master. The Australian reports say Begg-Smith's defunct Adscpm.com Web site spawned 20 million pop-ups a day, though Begg-Smith's associates are quoted as insisting the 21-year-old skier was involved in legitimate businesses.

Sony BMG Music Entertainment last year got nabbed selling music CDs that contained a rootkit--software that can be used by hackers to hide malicious code from antivirus and anti-spyware defenses--within the copy-protection scheme used to prevent music CDs from being copied to computers. To prevent software for digital rights management from easily being thwarted, Sony BMG used a rootkit to hide the copy-protection files from customers and make them difficult to remove. Bloggers, researchers, and law enforcement cried foul, and Sony BMG eventually recalled the CDs and alerted users about how to remove the DRM software.

It's enough to cause concern among PC users. Princeton University computer science and public affairs professor Edward Felten is a typical--and anxious--one. He knows there are tools on the Web that could help with his new hobby of music editing. But because of the threat of malicious software, "I'm less prone to try new software," Felten laments. "I'm more careful of what Web sites I go to. I spend time trying to protect myself."

That's important, but unfortunate. Spyware, Felten says, causes him "to shy away from small companies, shy away from using software from sites I don't know." That hesitation could mean a lost opportunity--adding to the price we pay for spyware.

Photo illustration by Anastasia Vasilakis