Authors of the Storm Worm Trojan are targeting machines running adware packages from Zango, and the developer is anxious to point out that it wouldn't touch said botmasters with yours. The circulation of an 'AdPack' exploit toolkit on the botnet maintained by the Storm Trojan initially provoked speculation that the botmasters …
25% of my job used to be wasted uninstalling zango and 180solutions crapware
"Even Zango's most vociferous critics are inclined to believe that the firm would have nothing to do with the crooks behind the Storm Worm": WRONG - myself as an example.
@ Slane Thats B*
I used to work with Zango, and they operate a zero tolerance policy on that kind of nonsense. Which is a good thing.
I was about to go on a personal insulting slane, but I'll spare it. You just have a lack of information to go on.
So if the Storm Worm is being directed to targets that have Zango installed, obviously there's a weakness in Zango's adware that's being actively exploited, right?
So there's a "Roll it out if it works, who cares if it's secure" line of reasoning in a company that actively seeks to exploit people's PCs with adware? GASP! And the hackers found the weaknesses and are exploiting them? Double-GASP!
Meh, just another reason to keep Zango (or any other adware) off your system.
@ Anonymous Coward
You are in error sir. I assure you that on most days I discovered amongst the 250 odd networked computers that I was responsible for, a selection of taskbar "enhancements" often including "weatherwatch" amongst others that were installed to a folder named "180solutions" within program files on the "C" drive of these machines. In order to uninstall them I was in direct communication with 180solutions and finally persuaded them to provide me with a small executable that assisted the very time consuming process of uninstallation, deletion and reuninstallation that was required. It was often faster to use "ghost" to copy the image of another computer and many days were spent hunting for one clean system to provide the source for half a room.
The uninstallation process was long, slow and confusing, with numerous carefully worded questions to fool the user into accidentally failing to uninstall the siftware. It also triggered the computer to attempt to access the internet (not possible whilst logged in as an installer) and I did, on occasion activate the ICTech login to find out where this link was going. As it happens, 180solutions were conducting a survey to discover why it was that someone had gone to such lengths to uninstall their software and official records at 180solutions received at the time numerous feedback responses from me stating that the reason I was uninstalling their (note I didn't say "your" - this isn't a personal slanging match, merely your lack of knowledge regarding a company you have admitted to working with) software because the machine that it was installed on was public access, in a school, and NOT part of our recommended software collection.
As my job progressed, 180solutions became less common and "zango" became the norm, usually acquired on the back of some "free" game that has been installed, often unwittingly, by a pupil, despite the fact that pupil logins did not have administrative rights. The uninstallation process, however, was identical.
When you accuse me of being mistaken, sir, you are very much in error. I know exactly what I saw. Can you be so sure of every activity that was explored or exploited by the company you worked for?