cybercrime-alerts
Wed, 02 Jan 2002 17:58:04 -0800
* via http://theMezz.com/lists * subscribe at http://techPolice.com
File-sharing programs carry Trojan horse By John Borland Staff Writer, CNET News.com January 2, 2002, 5:10 p.m. PT update A pair of popular file-sharing programs have become privacy time bombs, according to computer experts. Antivirus company Symantec last week reported the presence of "spyware" bundled with Grokster and Limewire, two popular file-swapping downloads. The code evidently does not damage computers, but it surreptitiously sends personal information such as user ID names and the Internet address of computers to another Web address. Advertising software called "Clicktilluwin" that comes bundled with the file-swapping programs carries a program called "W32.DIDer," which Symantec has classified as a Trojan horse--a piece of code that takes over parts of a person's computer unseen in order to carry out its own instructions. Although unrelated advertising programs are routinely bundled with free file-swapping programs--and have prompted some user criticism in the past--this appears to be the first time one of them has included a program classified as a Trojan horse by security experts. The Trojan horse software installs itself even if a computer user selects an option that appears to block Clicktilluwin's installation. For this reason, antivirus companies are warning people to scan their computers after installing these products to ensure the code is removed. On the heels of the Symantec warning, some consumers complained of similar problems with FastTrack's Kazaa Media Desktop. CNET News.com could not duplicate the problem in a test of that product Wednesday. A spokesman for Limewire said the version with Clicktilluwin included had been replaced with a clean version by Tuesday. "It was not what we thought this was," said Greg Bildson, Limewire's chief technical officer. "It was supposed to be a promotional tool...not blatant spyware." Grokster has gone one step further, apologizing and providing its users with a program that will remove the offending bits of code from personal computers "We have no access to the source code of these third-party installers and so we rely on what our advertisers say these programs do," the company wrote on its Web site Wednesday. "Now that we have learned of the Trojan, we are doing everything we can to minimize its impact on our users." Because software programs are among the most popular downloads on the Net, the Trojan horse could potentially find its way onto a large number of computers. Kazaa, for example, is one of the most popular pieces of software available through CNET Download.com, a site operated by News.com's parent company, with more than 1.3 million downloads in the last week of December alone. Bitter warnings about the code spread through consumer bulletin boards on several different Web sites last week. "Make sure you have a good virus utility if you must install this," one person wrote on Download.com's Grokster reviews. ============================================================ Send all your buddies online cards and make their day! These cards are guaranteed to make them smile! Click below to check them out. http://click.topica.com/caaaekwb1dhr0b2EDp2f/egreetings ============================================================ --via http://techPolice.com archive: http://theMezz.com/cybercrime/archive subscribe: [EMAIL PROTECTED] --via http://theMezz.com ==^================================================================ This email was sent to: archive@jab.org EASY UNSUBSCRIBE click here: http://topica.com/u/?b1dhr0.b2EDp2 Or send an email to: [EMAIL PROTECTED] T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================