Computer and Online Securities

The top commander of the department of Defense network operations just ordered a crackdown on security. According to a recent article by NetworkWorld on January 16,2006, Lt. General Charles Croom is quoted as saying, “The attacks are coming from everywhere and they’re getting better.” His talk was the keynote address at the Department of Defense Cyber Crime Conference held on January 9 – 14, 2005 in Clearwater, Florida. The event is sponsored by the Defense Cyber Crime Center and the Joint Task Force. Over 500 computer crime specialists from the FBI and the military attended the event.

The crackdown was related to a recent arrest of a “Computer Virus Broker” named Jeanson James Ancheta. On further investigation, a Department of Justice press release from Nov 3^rd, 2005 offered the following information on this incident, “In the first prosecution of its kind in the nation, a well-known member of the “botmaster underground” has been indicted on federal charges for profiting from the use of “botnets” – armies of computers that are under the control of the botmaster and are used to launch destructive attacks or to send huge quantities of spam across the Internet.

Jeanson James Ancheta, 20, of Downey, California, was arrested this morning by special agents with the Federal Bureau of Investigation. Ancheta was indicted yesterday in two separate conspiracies, as well as substantive charges of attempting to cause damage to protected computers, causing damage to computers used by the federal government in national defense, accessing protected computers without authorization to commit fraud and money laundering.”

The press release goes on to describe more details of this scheme that clearly show why the Deparment of Defense is so concerned (for more information go to: http://www.usdoj.gov/criminal/cybercrime/anchetaArrest.htm )

“Ancheta had become an affiliate of several different advertising service companies, and those companies paid him a commission based upon the number of installations. To avoid detection by network administrators, security analysts and law enforcement, Ancheta would vary the download times and rates of the adware installations. When companies hosting Ancheta’s adware servers discovered the malicious activity, Ancheta redirected his botnet armies to a different server he controlled to pick up adware. To generate the roughly $60,000 he received in advertising affiliate proceeds, Ancheta caused the surreptitious installation of adware on approximately 400,000 compromised computers. Ancheta used the advertising affiliate proceeds he earned to pay for, among other things, the multiple servers used to conduct his schemes.

Ancheta used programs powerful enough to cause the infection of computers at the Weapons Division of the United States Naval Air Warfare Center in China Lake, as well as computers belonging to the Defense Information Systems Agency, a component of the United States Department of Defense. Both networks are used exclusively by the federal government in furtherance of national defense. After being arrested this morning at the FBI Field Office in Los Angeles, Ancheta was transported to United States District Court in Los Angeles. It is unclear if he will make his initial court appearance this afternoon or tomorrow. Ancheta is charged with two counts of conspiracy, two counts of attempted transmission of code to a protected computer, two counts of transmission of code to a government computer, five counts of accessing a protected computer to commit fraud and five counts of money laundering. Count 17 of the indictment seeks the forfeiture of more than $60,000 in cash, a BMW automobile and computer equipment that the indictment alleges are the proceeds and instrumentalities of Ancheta’s illegal activity.”

Some recent news. Ancheta pleaded guilty to charges of conspiring to violate anti-spam and computer misuse laws, and fraud and will serve from 4-6 years in prison, under the plea agreement – plus heavy fines.

Spyware and Adware are not only an ever increasing nuisance for computer users everywhere, but also a booming industry. According to Webroot Software, Inc., the distribution of online advertisements through spyware and adware has become a $2 billion industry.

The aggressive advertising and spying tactics demonstrated by some of these programs, require an equally aggressive response from a seasoned eradicator. Sunbelt Software is such a company. A leader in Anti-Spyware, Anti-Spam, Network Security and System Management tools, they gave consistently remained on the cutting-edge of anti-spyware programming since 1994.

One of their more notable software applications is CounterSpy 1.5. CounterSpy is designed to detect and remove spyware that is already in your computer system. Additionally, it provides real-time protection while preventing browser hijacking and changes to your computer’s Registry.

Other notable features include:

¨ Detection and Removal of Tracking Cookies – while it is true that applications like Microsoft AntiSpyware Beta are free, they do not include the ability to detect and remove tracking cookies like CounterSpy does.

¨ History Cleaner – erases any traceable trails left on your computer as you surf the Internet.

¨ Secure File Eraser – a powerful deletion tool that can completely eliminate all files you want removed from your computer including images, music, movies and applications.

¨ PC Explorer – allows you a look into files and areas that are normally inconvenient to access, such as your startup programs, browser helper objects, and ActiveX programs that are being downloaded or used.

¨ Support for Older Operating Systems – includes Windows 98SE, Windows ME, and Windows NT.

Recommended by PC World, ConsumerSearch, and Dell, CounterSpy holds one of the highest effective ratings for spyware removal. It also received high marks from TopTenReviews (2006) for ease of use, customization/installation, and help/support. For only $19.95 per machine, users can receive a one year subscription with updates, upgrades, and technical support from real live humans. CounterSpy definitely provides ease of use and affordability for just about any computer user from the novice to the expert.

I recently hit, by mistake, what I thought was an Explorer upgrade option. It turned out to be a pop-up appearing legitimate but really was not. It uploaded a product called Intelligent Explorer on my machine. What a nightmare!

I did some research on the web and found messages like this one from a BullGuard Antivirus Forum,

“PLEASE HELP!!! I HAVE A SPYWARE, TROJAN AND HIJACKER ON MY COMPUTER. I HAVE RUN BULLGUARD, CWSHREDDER AND AD-AWARE. ALL HAVE PICKED UP THE VIRUSES AND SAID THAT THEY HAVE BEEN MOVED/REMOVED BUT WHEN I LOG ONTO THE INTERNET THAT DAMN INTELLIGENT EXPLORER TOOLBAR IS SHOWING”

Another message from spywareinfo Forum goes something like this:

“Hey I’m having issues with something called Internet explorer toolbar – Intelligent explorer. I can’t find a way to remove it from my comp and I really don’t want to reinstall windows. I’ve used spybot, ad-ware, and cw shredder but nothing seems to work.”

It appears that Intelligent Explorer allows other software to be downloaded to your machine and this is where the problem occurs. What is even more remarkable is that by downloading Intelligent Explorer, their license grants them the right to install software add-ins on your computer at their will. Take a look at what the software license for Intelligent Explore says (go to http://www.ieplugin.com/terms.html to read it all):

“You grant to us the right, exercisable by us until you uninstall the Software or this agreement is otherwise terminated, to provide to you the Service of downloading and causing to be displayed advertising material on your computer, through ‘pop-up’ or other display while you use your browser. You acknowledge and agree that installation of the Software may automatically modify toolbars and other settings of your browser. By installing the Software you agree to such modifications.”

The company, IBC incorporated, is incorporated in Belize. I really can’t believe this license!

One end user found highly objectionable pop-up advertisements generated by this software bundled with Intelligent Explorer in the form of extreme pornography.

I have yet to break this.

Intelligent Explorer is a plug-in, which can create a new home page, as well as start up and endless loop of pop-ups. You can remove the view bar, but then starting up Internet Explorer will cause it to reappear. I asked some friends to help, and no one could tell me what to do.

This is what I did:

I bought a copy of a program called XoftSpy and it removed the software. It took two scans and a reboot to do it. This is not an advertisement for this product. They advertised it was free, which it was to run, but then I had to buy it to actually fix anything. It cost me $40 and I am sure that there are freeware products out there as well, but that is what ended the nightmare for me. Other spyware products I have seen out there include spybot, NoAdware, Spyware Eliminator, Pal Spyware Remover, and Spyware C.O.P.

Let the buyer beware!