Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

Matts (1087)

Matts
  (email not shown publicly)

I work for MessageLabs [messagelabs.com] in Toronto, ON, Canada. I write spam filters, MTA software, high performance network software, string matching algorithms, and other cool stuff mostly in Perl and C.

Journal of Matts (1087)

Friday October 25, 2002
04:11 AM

friendgreetings.com

[ #8585 ]

There's a new "worm" going around which I find *really* interesting.

I'm having a hard time calling it a virus, even though we're stopping it as a virus for our customers. It's basically an email from a "friend" - with a link in it to get your greetings card from "friendgreetings.com". When you click on the link it tries to download and install either an ActiveX component (IE) or a Java component (Netscape). This component (which is validly signed), when it tries to install itself, prompts you with an EULA that states the following:

1. Consent to E-Mail Your Contacts.  As part of the installation process, Permissioned Media will access your MicroSoft Outlook(r) Contacts list and send an e-mail to persons on your Contacts list inviting them to download FriendGreetings or related products.  By downloading, installing, accessing or using the FriendGreetings, you authorize Permissioned Media to access your MicroSoft(r) Outlook(r) Contacts list and to send a personalized e-mail message to persons on your Contact list.  IF YOU DO NOT WANT US TO ACCESS YOUR CONTACT LIST AND SEND AN E-MAIL MESSAGE TO PERSONS ON THAT LIST, DO NOT DOWNLOAD, INSTALL, ACCESS OR USE FRIENDGREETINGS.
 
[and much more snipped]

This is totally legit as far as I can make out. The user installs and runs a program that emails out to everyone in your address book, and not only that it tells you it's going to do it, very clearly.

Of course nobody reads EULA's, so we're seeing thousands of these pass through our systems.

I just find this a really amusing look into the social aspects of computing. We've become so numb to boring 20 page EULA's that we'll just install anything without reading. Fascinating.

[By "we", I mean the general computing populous - not us geeks who wouldn't install this in a million years]

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • By "we", I mean the general computing populous - not us geeks who wouldn't install this in a million years

    If you run windows and you think it's just another plugin you need to view something odd, maybe you would.

    Of course, now you wouldn't anymore.

    And obviously us geeks don't do MS-Windows. :-)

      - ask
    --

    -- ask bjoern hansen [askbjoernhansen.com], !try; do();

    • A user of mine installed the friendgreetings app. This caused his Office shortcuts to not work. I connected to friendgreetings.com and a site came up only saying Hello World It is code that harmed a computer I am responsible for - To me this is a virus that needs to be stopped by my virus software, no matter if a user clicks on the program or not.