Feeds

MS revokes 'adware' distributor's community award

Disavowed

5 things you didn’t know about cloud backup

Microsoft has pulled a developer award to a programmer linked to adware distribution one week after granting the accolade.

Cyril Paciullo, the developer of Messenger Plus and Messenger Plus Live, lost his Most Valued Professionals (MVPs) endorsement after critics pointed out that the software had been used to distribute an ad-ware program called Lop as well as its overt function of allowing IM users to stack chat windows. Security experts said that handing Paciullo an award made a mockery of the MVPs program, which is designed to recognise developers who are active in lending their technical expertise towards communities supporting Microsoft products or technologies. Around 2,600 people worldwide have earned the gong.

"Microsoft is rewarding someone that has an active involvement with one of the most maligned names in PC hijacking," Christopher Boyd, a Microsoft Security MVP who works as a director of FaceTime Security Labs, wrote in a blog entry last week.

Stung by the criticism, Microsoft decided to pull Paciullo's award while maintaining its process of selecting people suitable for the MVP award remain "rigorous", an assessment somewhat undermined by the finding that Microsoft's own anti-virus scanner detects Messenger Plus as potentially malign.

"Cyril Paciullo was awarded with MVP status this year on the basis of his technical expertise and strong community contribution. However, his active MVP Award status was revoked as soon as the extent of the connection between his application and spyware was made apparent to the MVP Program," Microsoft said in a statement, IDG reports.

Paciullo (AKA Patchou) is yet to comment public ally on his row. His website (http://www.msgpluslive.net/help/faq/privacy/#open-port) acknowledges that some security programs categorise a "sponsor program" included with Messenger Plus as potentially malign while reassuring surfers that bundled software is benign and that users have the option of declining to install the bundled software, or unistalling it once its on their machines.

Anti-spyware firm Sunbelt Software has a full write up of the link between Messenger Plus and LOP here. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.