Nasty Malware Fouls PCs With Porn

Found on Wired on Saturday, 01 May 2004

According to Merijn Bellekom, who has been tracking CWS and its many variants -- more than two dozen since CWS first appeared last summer -- CWS is "the most complex, invisible and devious hijacker" ever programmed.

CWS-infected computers are often plagued with a constant barrage of pornography pop-up ads. A hundred or more bookmarks, some for extremely hard-core pornography websites, are often added by CWS to Internet Explorer's Favorites folder.

Almost all versions of CWS significantly slow the performance of infected computers, and some can cause the system to freeze, crash or randomly reboot. CWS also collects and transfers personal information from the infected PC. A few versions of CWS can add websites to Internet Explorer's "trusted sites" zone, which allows those websites to install new programs on the infected PC without the computer owner's knowledge or permission. Several CWS variants are capable of automatically self-updating their programming code.

A few versions of CWS block a user's access to more than two dozen websites that offer advice on how to detect and delete spyware. Some CWS versions also disable firewall programs.

Why doesn't Cool Web Search doesn't check their accounts to find out the "affliates" who create redirects using CWS? After all, they have to deliver some ID information. They could check the top affliates to see how they create their earnings; but I guess that's not their real interest.

Browse all articles« Previous « » Next »