Spyware Trail Leads to Kazaa, Big Advertisers

Google-funded anti-spyware coalition StopBadware.org releases its inaugural report to coincide with a study on how big-name advertisers are helping fund the virulent spread of unwanted software.

The StopBadware.org coalition, funded by Google, has listed the Kazaa file-sharing application at the top of a list of noxious software programs that present a threat to business and consumer users.

The coalition, which counts Sun Microsystems and Lenovo among its sponsors, will recommend in its inaugural Badware Report that users stay away from Kazaa and three other programs that can be combined with Trojans and bots for use in data theft attacks.

Adware and spyware programs that come bundled with peer-to-peer applications present a huge security risk to corporate networks, and StopBadware.org says Kazaas claim to be spyware-free cannot be trusted.

"[Kazaa] does not completely remove all components during the uninstall process, interferes with computer use, and makes undisclosed modifications to other software," the group said in the report, which is scheduled for release on March 22.

In addition to Kazaa, StopBadware.org said computer users should stay away SpyAxe, a rogue anti-spyware program; MediaPipe, a download manager that offers access to media content; and Waterfalls 3, a screensaver utility.

/zimages/1/28571.gifRead more here about Googles backing of the StopBadware coalition.

In Kazaas case, the report said the P2P agent comes bundled with several annoying and potentially dangerous adware and spyware programs, including TopSearch, AltNet Peer Points manager, BullGuard P2P, Cydoor, The Best Offers, InstaFinder and RX Toolbar.

Some of these third-party software applications cannot be closed by the average user and, in some cases, the uninstallation process does not eliminate all components related to Kazaa and its bundled programs, the report said.

After the uninstaller was run, the coalitions testers found that executables and system components still remained, including the Kazaa Plus Installer. Additionally, the group found that Kazaa and its bundled applications added new links to the Windows Desktop without disclosure during the installation process.

InstaFinder, one of the applications bundled with Kazaa, even changed the default 404 page and DNS (Domain Name System) error pages in Internet Explorer without disclosing the modification to the user, the group said.

/zimages/1/28571.gifDo anti-spyware suits mean a new era for the security industry? Click here to read more.

The report also recommends that Sharman Networks, the company that distributes Kazaa, stop claiming that the software is spyware-free and ensure that Kazaa is not bundled with programs that cannot be closed by the user.

Sharman is also urged to remove all executables, system components and registry keys during the uninstall process and to notify the user about changes to the desktop and other software modifications.

Next Page: Big advertisers fund adware.