* via http://theMezz.com/lists

* subscribe at http://techPolice.com

File-sharing programs carry Trojan horse
By John Borland
Staff Writer, CNET News.com
January 2, 2002, 5:10 p.m. PT
update A pair of popular file-sharing programs have become privacy time bombs, 
according to computer experts.

Antivirus company Symantec last week reported the presence of "spyware" bundled with 
Grokster and Limewire, two popular file-swapping downloads. The code evidently does 
not damage computers, but it surreptitiously sends personal information such as user 
ID names and the Internet address of computers to another Web address.

Advertising software called "Clicktilluwin" that comes bundled with the file-swapping 
programs carries a program called "W32.DIDer," which Symantec has classified as a 
Trojan horse--a piece of code that takes over parts of a person's computer unseen in 
order to carry out its own instructions.

Although unrelated advertising programs are routinely bundled with free file-swapping 
programs--and have prompted some user criticism in the past--this appears to be the 
first time one of them has included a program classified as a Trojan horse by security 

The Trojan horse software installs itself even if a computer user selects an option 
that appears to block Clicktilluwin's installation. For this reason, antivirus 
companies are warning people to scan their computers after installing these products 
to ensure the code is removed.

On the heels of the Symantec warning, some consumers complained of similar problems 
with FastTrack's Kazaa Media Desktop. CNET News.com could not duplicate the problem in 
a test of that product Wednesday.

A spokesman for Limewire said the version with Clicktilluwin included had been 
replaced with a clean version by Tuesday.

"It was not what we thought this was," said Greg Bildson, Limewire's chief technical 
officer. "It was supposed to be a promotional tool...not blatant spyware."

Grokster has gone one step further, apologizing and providing its users with a program 
that will remove the offending bits of code from personal computers

"We have no access to the source code of these third-party installers and so we rely 
on what our advertisers say these programs do," the company wrote on its Web site 
Wednesday. "Now that we have learned of the Trojan, we are doing everything we can to 
minimize its impact on our users."

Because software programs are among the most popular downloads on the Net, the Trojan 
horse could potentially find its way onto a large number of computers. Kazaa, for 
example, is one of the most popular pieces of software available through CNET 
Download.com, a site operated by News.com's parent company, with more than 1.3 million 
downloads in the last week of December alone.

Bitter warnings about the code spread through consumer bulletin boards on several 
different Web sites last week.

"Make sure you have a good virus utility if you must install this," one person wrote 
on Download.com's Grokster reviews.

Send all your buddies online cards and make their day!
These cards are guaranteed to make them smile! 
Click below to check them out.                                                        

--via http://techPolice.com
archive: http://theMezz.com/cybercrime/archive
subscribe: [EMAIL PROTECTED]
--via http://theMezz.com

This email was sent to: archive@jab.org

EASY UNSUBSCRIBE click here: http://topica.com/u/?b1dhr0.b2EDp2
Or send an email to: [EMAIL PROTECTED]

T O P I C A -- Register now to manage your mail!

Reply via email to