FTC Targets Illegal Spyware Operation

The consumer watchdog agency files a suit to shut down an operation that secretly installed spyware that could not be uninstalled from infected machines.

The Federal Trade Commission on Wednesday moved to the courts to shut down an operation that secretly installed spyware and adware that could not be uninstalled from infected machines.

The FTCs complaint, filed in U.S. District Court for the District of New Hampshire, accuses Odysseus Marketing and its principal, Walter Rines, of using the lure of file-sharing software to launch "stealthy downloads" of spyware.

In a 4-0 vote, FTC commissioners approved the complaint that alleges the stealthy downloads violate federal law. The suit asks for a court order to permanently halt the companys operations.

According to the FTC, Odysseus Marketing advertised software it claimed would allow consumers to engage in peer-to-peer file sharing anonymously. The company allegedly used claims like "download music without fear" and "dont let the record company win" to encourage PC users to download the free software programs.

Those claims, the FTC argues, "are bogus."

"First, the software does not make file sharing anonymous. Second, the cost to consumers is considerable because the free software is bundled with spyware called ClientMan that secretly downloads dozens of other software programs, degrading consumers computer performance and memory," the FTC said in a statement.

/zimages/5/28571.gifRead more here about class action suits against adware/spyware companies.

Among other things, the FTC said the spyware program replaces or reformats search engine results.

The FTC charged that Odysseus Marketing has an obligation to disclose that its "free" software download caused spyware and adware to be installed on consumers computers. Instead, according to the complaint, the company hid the disclosure in the middle of a two-page end-user licensing agreement buried in the "Terms and Conditions" section of its Web site.

In addition, the FTC accuses Odysseus Marketing of "deliberately" making the software difficult to detect and impossible to remove using standard software utilities. "Although the defendants purport to offer their own uninstall tool, it does not work. In fact, it installs additional software," according to the FTC complaint.

According to information at Computer Associates International Inc.s spyware information center, Odysseus Marketing is responsible for the ClientMan spyware program.

ClientMan has been used to distribute pop-up ads, and CAs encyclopedia said the program crashes the Internet Explorer browser randomly and is capable of adding itself to the Norton Firewall allow list. The program also redirects search engine results and runs searches from an infected PCs address bar. Some versions add advertising links to Web pages and display popup ads.

/zimages/5/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.