Rootkit-spreading Spyware Shop Shuts Down

A spyware distributor noted for an extensive use of rootkits that make its software difficult to delete has closed shop


May 11, 2006
URL:http://drdobbs.com/security/rootkit-spreading-spyware-shop-shuts-dow/187202383

A spyware distributor noted for an extensive use of rootkits that make its software difficult to delete has closed shop, citing unspecified practices of its distribution partners as the reason.

ContextPlus, which spread spyware and adware, including software that hijacked searches and programs that leveled systems with egregious numbers of pop-up ads, has posted a message on its Web site saying it's out of the business.

"Due to concerns over the practices of some of its distribution partners, ContextPlus has determined that it is no longer able to ensure the highest standards of quality and customer care and therefore is discontinuing further distribution of its software," the message reads.

According to Finnish security vendor F-Secure, ContextPlus has been behind many of the rootkit infections that plague Windows users. In early December 2005, F-Secure noted that "since October 2005 the most common rootkit out there has clearly been Apropos spyware."

ContextPlus was using rootkits not to hide its spyware and adware programs, F-Secure claimed, but to make it difficult for anti-spyware software to stop their installation, and once on a PC, make it impossible to completely eradicate them.

Rootkits are a problem now for anti-spyware defenses, and will only become a bigger issue in the future, analysts say. Last month, McAfee claimed rootkit use had soared 600 percent in the last three years; worse, by 2008 a majority of spyware will be leaning on rootkits' cloaking tactics to hide from security software.

If ContextPlus's closing statement is straight up, it might mean the company's had to face some of the same problems as other adware purveyors, such as 180solutions and Claria, which have been plagued with rogue distributors that violate rules regarding how and to whom their adware can be installed.

Adware distributors have come under a building barrage of both criticism and court cases. In January, the Center for Democracy and Technology petitioned the Federal Trade Commission (FTC) to shut down 180solutions, while last week, Yahoo was hit with two lawsuits accusing the portal and search site of using spyware to spread ads.

Users who have Apropos spyware on their systems will receive an uninstaller if they e-mail ContextPlus, the company said on its Web site.

Terms of Service | Privacy Statement | Copyright © 2024 UBM Tech, All rights reserved.