Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • IT Management
    • Networking

    Microsoft WGA Attracts Copycat Worm and Second Lawsuit

    Written by

    Matt Hines
    Published July 5, 2006
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Security researchers have identified a worm virus masked to appear as Microsofts Windows Genuine Advantage anti-piracy program, while end users have filed a second lawsuit against the software giants use of the actual program.

      Workers at anti-virus specialist Sophos were among the first to unearth the worm disguising itself as WGA. Dubbed by the firm as Cuebot-K, the virus is spreading over AOLs popular instant messaging network posing as Microsofts controversial anti-piracy software.

      Sophos said Cuebot-K is registering itself on infected PCs as a new system driver service named “wgavn” that also bears the public display name of “Windows Genuine Advantage Validation Notification.” The virus automatically runs during system startup, and users who view the list of services offered by the threat are informed that removing or stopping the service will result in system instability.

      Researchers indicated that once in place, Cuebot-K disables the Windows OS firewall and opens a backdoor to infected computers, which could potentially allow hackers to gain remote access of a machine to spy on users or launch DDOS (distributed denial-of-service) attacks.

      Adding to the threat is widespread controversy over WGA that has forced Microsoft to offer an updated version of the program, a previous iteration of which some people have labeled as having spywarelike capabilities. End users looking for that update could unknowingly expose themselves to Cuebot-K, experts said.

      “People may think they have been sent the file from one of their AOL IM buddies, but in fact the program has no friendly intentions, and technical Windows users wouldnt be surprised to see WGA in their list of services, and so may not realize that the worm is using that name as a cloak to hide the fact that it has infected the PC,” said Graham Cluley, senior technology consultant at Sophos, based in Abingdon, U.K. “Once in place, this malware disables the firewall and opens a backdoor by which hackers can gain control over your computer to steal, spy and launch DOS attacks.”

      Microsoft representatives didnt immediately return calls seeking comment on the WGA-themed virus.

      Adding to the companys headaches over WGA, Microsoft has also been hit with a second class-action lawsuit filed over the capabilities of a previous version of the anti-piracy software.

      /zimages/4/28571.gifClick here to read more about the first lawsuit.

      In a case filed on June 29 in the United States District Court of Seattle, plaintiffs Engineered Process Controls and Univex, along with individual end users David DiDomizio, Edward Misfud and Martin Sifuentes, have charged that Microsofts technology amounts to a form of spyware.

      The suit specifically contends that Microsoft intentionally duped its customers by delivering WGA as part of a critical security update without telling them that the anti-piracy program would secretly communicate with its own servers. Since the program “gathers data that can easily identify individual PCs,” including a machines IP address and BIOS information, and could potentially be used to gather other types of information, it is akin to malicious threats, the suit claims.

      In doing so, WGA violates Washingtons existing anti-spyware laws, according to the suit, which mirrors a similar claim filed by a California man on June 26. That legal action, brought forward in the U.S. District Court in Seattle by Los Angeles resident Brian Johnson, claims that Microsoft failed to properly disclose all the details of WGA when the technology, meant to help stop the widespread pirating of Microsofts Windows operating system, was upgraded in April.

      /zimages/4/28571.gifClick here to read more about the WGA Notifications controversy.

      While WGA was first introduced in 2004, the suit alleges that the feature became similar to a form of spyware when it was expanded to include a system that made contact with Microsofts servers to help the company identify people who may be using pirated versions of its market-leading operating system.

      The updated version of the WGA tool included two separate components, WGA Validation and WGA Notifications, which, respectively, promised to determine whether a copy of Windows is pirated or not and alert users who Microsoft believes are running illegal copies of its software. However, WGAs notification aspect was discovered to have been “phoning home” to Microsofts servers on a daily basis, touching off a wave of controversy among those who believe the feature could be used by Microsoft to keep tabs on people using its software.

      On June 27, Microsoft agreed to remove the controversial notification component from WGA, announcing an updated version of the tool that is being delivered to millions of Windows XP users via Automatic Updates with one major change. Previously, a PC that had installed WGA Notifications checked a server-side configuration setting upon each log-in to determine if WGA Notifications should run or not. This daily configuration file check has been removed in the updated WGA Notifications package.

      The company said WGA Validation still will check periodically to determine whether the version of Windows is genuine. Microsoft officials did not immediately respond to calls seeking comment on the new WGA lawsuit, but have labeled the claims of the initial class-action suit as “without merit.”

      “This [suit] distorts the real objectives of the [WGA] program and obscures the real issue, which is the harm to consumers posed by software piracy,” Jim Desler, a Microsoft spokesperson, said of Johnsons lawsuit. “As with all of our programs weve gotten constructive customer feedback, the program has evolved and weve made improvements; Microsoft continues its efforts to foster better communications with its customers.”

      /zimages/4/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Matt Hines
      Matt Hines

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×