Posted by Erica George
Fri, 21 Dec 2007 20:43:00 GMT
Due to Harvard University’s winter break, StopBadware will be closed from Friday, December 21 to Wednesday, January 2.
During this time, we urge website owners whose sites have been flagged with Google’s malware warnings to request reviews of their sites directly from Google through Webmaster Tools. We also encourage anyone with questions or concerns that our website can’t answer to visit our discussion group, where members of our community may be able to help.
Please note that review requests submitted to StopBadware may not be processed until we return in January. For faster results, please submit all urgent review requests to Google Webmaster Tools from now until January 2.
Thank you for your patience, and happy holidays to all!
Posted in all | Tags Google, reviews, stopbadware.
Posted by Erica George
Wed, 19 Dec 2007 19:37:00 GMT
On the twelfth day of Badware
a hacker sent to me:
Twelve Trojan horses
Eleven hidden iframes
Ten worms a-spreading
Nine spywares spying
Eight popups popping
Seven secret botnets
Six stolen passwords
Five viruses
Four fake codecs
Three rootkits
Two javascripts
and a keylogger on my PC!
Happy Holidays from StopBadware!
... And best wishes for a badware-free New Year!
Posted in all | Tags humor, stopbadware
Posted by Erica George
Tue, 18 Dec 2007 15:59:00 GMT
StopBadware’s most important mission is helping to educate internet users about badware threats and how to protect themselves. One of the biggest ways users tend to find us is through our partnership with Google, and the warning pages Google places in its search results for websites that it has flagged as dangerous. Today, we’re rolling out a new and improved information page for users landing on our site after viewing a Google warning.
The new landing pages are an easy one-stop-shop for all the key links related to the warnings, organized in two easy boxes, one especially for website owners and the other for ordinary users. The pages also include a summary of any review history for the site, if the site has ever requested a review from StopBadware, and a link to the complete review history page.
The new pages use colored icons to help make a site’s warning and testing status clear. A site that is being reported as bad by a StopBadware partner gets a yellow icon, and a site that’s been confirmed as bad through our own testing at StopBadware gets a red icon. For sites no partner is currently reporting as bad, a colorless icon means simply that we haven’t been told anything current about a site, not that the site is necessarily safe.
We hope search users and webmasters alike will find these new landing pages helpful and informative. If you have suggestions or feedback, please let us know!
Posted in homepage, all | Tags stopbadware
Posted by Erica George
Mon, 17 Dec 2007 16:38:00 GMT
A Danish member of the StopBadware discussion group has highlighted a disturbing outbreak of ad-driven malware on the websites of Danish media companies over the past several days. Cometcom1 posted that within several days, the affected websites were cleaned up, but that the owners of the affected sites seem unwilling to admit their share of responsibility, laying all blame squarely on the ad networks themselves. A lively debate on the ethics of using advertising online ensued.
Cometcom1 reports that there has now been a second round of infection hitting different Danish media sites, leading some users to avoid all media sites and some companies to block media sites preemptively from their networks.
At StopBadware, we feel that both website owners and advertising networks have a shared responsibility to ensure the safety of internet users. While ads are generally hosted remotely, an ad shown on a site is as much a part of that site as its other content. As with any third-party content, we caution website owners to choose carefully what they allow onto their sites.
Posted in all | Tags adnetworks, ads, discussiongroup, thirdpartycontent
Posted by Maxim Weinstein
Thu, 13 Dec 2007 21:02:00 GMT
A LiveJournal blogger, tacit, recently discovered that several iPowerWeb-hosted sites were affected by a malware attack. Visitors to the sites were redirected to malware-installing sites based in eastern Europe.
Several months ago, iPowerWeb was included in StopBadware’s report of hosting providers with the most sites in our Badware Clearinghouse. At the time, we reported quick action taken by iPowerWeb to remove the offending code from their systems.
iPowerWeb has confirmed tacit’s new report and tells StopBadware that they are working rapidly to scan their systems, remove the offending code, and lock down their systems to prevent further infection. It seems that the attack made use of PHP exploits to allow the attacker to modify the .htaccess file on the virtual servers.
iPowerWeb also noted that for a couple of months they have been in the process of migrating users’ hosting accounts to a new data center that has better security and tools that make it easier for iPowerWeb to respond quickly to this type of attack in the future. They expect this to be complete sometime in the first part of 2008.
Posted in all | Tags iPower, iPowerWeb, malware, stopbadware
Posted by Maxim Weinstein
Thu, 13 Dec 2007 14:35:00 GMT
In many parts of the world, the holiday season is a time of joy and happiness. Sadly, though, many criminals and cranks take advantage of the season’s spirit to prey on unsuspecting internet users.
Last year, we posted about Santa’s own website being hacked shortly before Christmas. According to ZNet Asia, security vendor Trend Micro has warned of “a rise in malware, phishing Web sites and virus-infected e-cards attached to e-mail messages” during the holidays.
So, when shopping online from your PC (that, naturally, has all the latest OS and security software updates installed), be sure to use extra caution in the sites you visit, the links you click on, and the attachments you open.
Posted in all | Tags holidays, malware, phishing, stopbadware
Posted by Erica George
Fri, 07 Dec 2007 21:30:00 GMT
The past week saw membership in StopBadware’s discussion group hit the 1,000 mark, a fitting milestone as StopBadware approaches our 2nd anniversary early next year.
The discussion group has served as an open platform for questions, concerns, ideas, and mutual assistance for internet users of all kinds. Our members are website owners, security experts and amateur techies, policy folks and consumers, from a variety of nations and walks of life.
StopBadware would like to extend a hearty “Thank you!” to all our discussion group members. From our most active and dedicated volunteers to those who joined simply to learn, our community is at the heart of everything we do. Want to join in? Check out the discussion group here.
Posted in all | Tags community, stopbadware
Posted by Erica George
Fri, 07 Dec 2007 19:53:00 GMT
The FTC this week reached a settlement with the owners of AdultFriendFinder.com over misuse of pornographic pop-up ads. The ads covered users’ full screens and showed pornographic content to users of search engines, including many who had never requested an explicit site. According to the FTC’s statement, some of the ads were distributed through badware.
As part of the settlement, the company behind AdultFriendFinder.com has committed to require consent before showing ads or sexual content. The company must also weed out any of its affiliates who don’t do the same, making it harder for them to pass the buck if there is future abuse.
The FTC’s statement says the practice of displaying explicit ads without consent is a violation of the FTC Act, but does not specify whether the core violation is of consent to being shown ads, consent to being shown sexually explicit imagery, or both.
Posted in all | Tags ads, adware, enforcement, ftc, pornography
Posted by Maxim Weinstein
Wed, 05 Dec 2007 22:00:00 GMT
Social networking site Facebook has been on the defensive lately for a variety of poor privacy and disclosure-related decisions about its Beacon application. Beacon, which is turned on by default for Facebook users, allows users to update their Facebook news feed with information about recent purchases and other activities on third party web sites, such as Blockbuster.com, Overstock.com, and Epicurious.com.
To its credit, Facebook has worked fairly quickly to respond to many of the complaints:
- Initially, the default behavior for Beacon was to publish your purchases in your profile unless you explicitly said no. In response to public pressure, including a petition from MoveOn.org, Facebook changed its system so that you must affirmatively click “yes” before a story is published.
- There was originally no feature that allowed you to categorically prevent stories from a particular site from being posted to your profile. Facebook added this feature within the user profile privacy settings.
- Until today, there was still no global opt-out feature that simply says, “I don’t want my behaviors on other sites published in my profile.” Facebook announced availability of this feature today.
- Stefan Berteau at Computer Associates noted recently that even when you opt out, information about your habits on these third party sites is still sent along with your e-mail address to Facebook. Following publicity from Stefan’s report and dialogue between Facebook and StopBadware in which we encouraged far better disclosure, Facebook is updating its Beacon FAQ and has already updated its Actions From External Websites pages to disclose the transmission of this data. Facebook also released a statement clarifying that this data is deleted unless the user opts into publishing the story.
- Mark Zuckerberg, CEO of Facebook, apologized today and admitted making mistakes in the product and how the company handled the launch.
The engineers we spoke with at Facebook also point out that they built the system originally to ensure that data stored by Facebook, including e-mail addresses and other contact information, is never provided to the third party web sites.
We applaud Facebook’s commitment to privacy and its responsiveness to the community throughout this process. We don’t fully agree, however, with the conclusion of CEO Mark Zuckerberg’s statement where he says, “[I] hope that this new privacy control addresses any remaining issues we’ve heard about from you.” In our discussions with Facebook during the past 24 hours, we have raised a couple other privacy issues that we hope the Facebook team will still address:
- Facebook offers its partner (third party) sites the option of whether or not to use an encrypted connection to send data (e-mail address, item purchased, etc.) from a user’s PC to Facebook’s servers. We encourage Facebook to make this mandatory, not optional, as this is an important step in keeping this data out of the view of malicious hackers or curious network administrators.
- When a user chooses to opt out of Beacon or clicks “No Thanks” when asked to publish a story in his/her profile, it is not made clear to the user that the data will still be sent to Facebook. This should be an easy clarification to make in the text of these opt-out screens/boxes and would go a long way towards ensuring full disclosure.
We wish to thank Facebook for engaging in dialogue with us on these issues, and we encourage its leadership to continue listening to and learning from the community so the company can reach the goal they expressed to us of becoming a leader in user privacy.
Posted in all | Tags facebook, privacy, stopbadware
Posted by Erica George
Wed, 05 Dec 2007 20:32:00 GMT
The Bits blog at the New York Times yesterday highlighted a disturbing twist to a common spammer practice. Search engine spam, or spamdexing, involves spammers gaming search engine results by creating pages that pretend to have useful content, often based on current news items. Instead of new content these pages have links and text scraped from other sites, and are loaded with ads or badware.
The shameless twist observed by the Times is the exploitation of recent obituaries as news items, leading grieving friends and relatives to spam and badware sites instead of information about their departed loved ones. In the case profiled by the Globe, a website offered what it claimed was a video of the memorial service for a recently deceased woman. When a visitor clicked the link, he was prompted to download a video codec that included badware.
For friends and relatives who are dismayed to see their loved ones’ memories tarnished by search results full of spam and badware, there are some ways to fight back. Most major search engines offer a place to report search spam – here are reporting links for Google, Yahoo!, and MSN. Google also offers a way to report pages with badware that are found in its index, here.
Posted in all | Tags action, badware, search, spam