Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Announcement: Microsoft and the Washington Attorney General unveil several "scareware" lawsuits

September 29th 2008 in Uncategorized

Edited to update documentary links..

Washington Attorney General, Rob McKenna (whose work has been featured on this blog several times) and Richard Boscovich, Senior Attorney for Microsoft’s Internet Safety Enforcement Team, unveiled several lawsuits against malware (what they call “scareware”) pushers today.  The lawsuits are the first to be filed under the State’s recently amended Computer Spyware Act.   Note that there have been earlier lawsuits, but they were *before* the Computer Sypware Act was amended.

The news conference was attended by Attorney General Rob McKenna, Richard Boscovich and Paula Selis, Senior Counsel at the Attorney General’s Office, Consumer Protection Division.

I am listening to the Press Conference as I type, so I apologize if this entry is a bit disjointed.  The Press Release includes a visual demonstration of scareware, which will give me a chance to catch up on typing this article while the reporters watch a video demonstrating what we are so familiar with.

I do have one complaint though – is it really so hard for the apparently professional reporters to use the god-damned mute button on their telephones so that we don’t have to listen to their hands squelching on their phone handsets, papers rustling or their sighs/heavy breathing except for during question?????????  Yes, I used my mute button.

The official Press Release says:

SEATTLE – Attorney General Rob McKenna stood at the frontlines with Microsoft Corp. in the war against spyware in 2006. Now armed with tougher legislation, the state’s top law enforcement officer, with the world’s largest software company, is charging forward with new lawsuits targeting scareware purveyors.

The Attorney General’s Office along with Microsoft has yanked the fear factor dial out of the hands of businesses that use scareware as a marketing tool and have spun it toward them,” McKenna said.

We won’t tolerate the use of alarmist warnings or deceptive ‘free scans’ to trick consumers into buying software to fix a problem that doesn’t even exist,” McKenna continued. “We’ve repeatedly proven that Internet companies that prey on consumers’ anxieties are within our reach.”

The Attorney General’s Office along with Microsoft announced the filing of new cases under Washington’s recently improved Computer Spyware Act during a joint press conference today in Seattle.

Microsoft is honored to assist Washington Attorney General McKenna in helping to protect consumers from online threats,” said Richard Boscovich, Senior Attorney for Microsoft’s Internet Safety Enforcement Team. “Cybercrime continues to evolve, but with public/private collaboration such as this, we can work to champion tougher laws, greater public awareness and, ultimately, stronger protections for online consumers.

In 2005, Washington became one of the first states to adopt a law explicitly prohibiting spyware activities and imposing serious penalties on violators. The statute doesn’t stop at outlawing programs that collect personal information, but uses a broader definition of “spyware” and punishes those who mislead users into believing software is necessary for security. The law was updated last session to create additional liability for third-parties that permit the transmission of spyware and to address new types of deceptive behaviors, such as misrepresenting the need for computer repairs.

As of today, the Attorney General’s Office has filed seven suits under the statute.

The Attorney General’s Office filed its latest case today in King County Superior Court against the marketers of a program called Registry Cleaner XP. The civil suit brings five causes of action against James Reed McCreary IV, of The Woodlands, Texas, and two businesses: Branch Software, of The Woodlands, Texas, doing business as Registry Cleaner XP, and Alpha Red, Inc., of Houston, Texas. McCreary is the sole director of Branch Software and CEO of Alpha Red.

McKenna said Microsoft referred the case to the Attorney General’s Consumer Protection High-Tech Unit and has been helpful in assisting the office with enforcement issues.

According to the state’s complaint, the defendants sent incessant pop-ups resembling system warnings to consumers’ personal computers. The messages read “CRITICAL ERROR MESSAGE! – REGISTRY DAMAGED AND CORRUPTED,” and instructed users to visit a Web site to download Registry Cleaner XP.

Computers capable of receiving Windows Messenger Service pop-ups, also known as Net Send messages, were vulnerable to the attacks. Windows Messenger Service, not to be confused with the instant-messaging program Windows Live Messenger, is primarily designed for use on a network and allows administrators to send notices to users.

Consumers who visited the Web site were offered a free scan to check their computer – but the program found ‘critical’ errors every time,” said Senior Counsel Paula Selis, who leads the Attorney General’s Consumer Protection High-Tech Unit. “Users were then told to pay $39.95 to repair these dubious problems.”

The filings today bring the number of civil spyware actions brought by Microsoft since the Computer Spyware Act was first enacted in 2005 to 17.  In 2006, Microsoft and the Attorney General each brought lawsuits against the same group of defendants under the Washington Computer Spyware Act, obtaining permanent injunctions and settlements.   Additionally, Microsoft has routinely worked with the FTC and other state and federal law enforcement agencies in the battle against spyware.

Spyware has arguably become the biggest online threat to consumers and businesses since the advent of the Internet. Microsoft has said that 50 percent of its customer-support calls related to computer crashes can be blamed on spyware.

Complaint:
http://www.atg.wa.gov/uploadedFiles/Home/News/Press_Releases/2008/ComplaintRegistryCleaner.pdf

Registry Cleaner XP demo:
http://www.atg.wa.gov/uploadedFiles/Home/News/Press_Releases/2008/RegistryCleanerXP-Demo.wmv

The Attorney General said that the thing that bothered him most was the “blatant rip-off” that is scareware.  It was also mentioned that 50% of support calls to Microsoft were related to scareware – yes, 50%.  So far, as I listen to the demonstration, I have heard no mention of the double-dipping on credit cards that scareware is so notorious for – regular readers will know that Bucksbill is notorious for charging $70 or so instead of $35 or so.

Hang on, Richard Boscovich of Microsoft is speaking now…

Ok, Richard says that of the 7 lawsuits mentioned, five are apparently “Jane Doe” type lawsuits, where some parties are not yet identified. 

The primary focus of the reporters, and Paula/Richard, was discussing *how* the scareware alerts get on to a user’s system – the primary, nay the only, cause mentioned was Net Send (aka Windows Messenger, which should not be confused with Windows Live Messenger (the online chat software).  Windows Messenger Service is, of course, disabled by default as of XP SP2 and only works if there is no firewall interfering.  Disappointingly, no mention was made of malvertizing!

Details of the other lawsuits are not available at time of writing.  I am sure that information will eventually appear on microsoft.com but for now, all we have is the PDF complaint mentioned in the Washington Attorney General’s Press Release.


Comments are closed.

Let’s take a look-see at where Intercage/Atrivo’s most infamous client, esthosts/estdomains, are situated – using Domaintools, cidr-report.org and bfk-de, and a smattering of Sam Spade 1.14.  I’m not using Robtex that much because I get the sense that, sometimes, its data is behind the times and it should be noted that by the time […]

Previous Entry

Here we go… the other lucky recipients of Microsoft’s attentions in the “John Doe” (which I earlier called “Jane Doe”) lawsuits are: XPdefender.comCase No. 08-2-33382-5 SEAJudge Suzanne Barnett WinSpywareProtectCase No. 08-2-33380-9 SEAJudge Joan DeBuque WinDefenderCase No. 08-2-33377-9 SEAJudge Michael J. Fox MalwareCoreCase No. 08-2-33375-2 SEAJudge Douglas McBroom Antivirus 2009Case No. […]

Next Entry

Archives