Malware license agreement tells it straight
Print story'FU' sucker
Posted in Security, 9th August 2007 10:39 GMT
Free whitepaper – The starter PKI program
You normally need a law degree and the patience of Job to make sense of End User License Agreements (EULAs).
These seldom-read legal screeds have a reputation for being both hard to fathom and often one-sided in protecting the rights of software suppliers. So it's refreshing to find an agreement that gets straight to the point without wasting users' time scrolling down through something they aren't going to read anyway.
hotelcodec.com says it like it is.
A license agreement for a malware-bundled codec from hotelcodec.com simply says: "FUCK YOU".
We're indebted to Stopbadware.org, a "Neighbourhood Watch" campaign aimed at fighting malware for bringing this example of plain English to our attention. "While we appreciate hotelcodec.com's concise EULA, we don't suggest that users install their codec on their machines," Stopbadware.org advises.
Hotelcodec.com connects to a site called tvcodec that prompt users to download a "codec" that supposedly improves video and audio quality. The hotelcodec1000.exe application offered up contains the Zlob Trojan (AKA DNSChanger), as confirmed by tests we carried out at VirusTotal (see screen shot here).
Anti-virus detection is patchy for now, but the site is well on its way to being blacklisted by security services such as McAfee SiteAdvisor, as you can see here. ®
Free whitepaper – Securing your Microsoft Internet Information Services (MS IIS) web server
The best practices guide for application security
Avoiding 7 common mistakes of IT security compliance
The starter PKI program
Airport insecurity: the case of lost laptops
The mandate for application security
Google cloud told to encrypt itself
Buggy 'smart meters' open door to power-grid botnet
Chinese firm hits back at cyberspy claims
BlockMaster SafeStick hardware-encrypted USB drive
