StopScum

December 18, 2006

MySpace Teen Abuse WARNINGS: A magnet for Spyware slime bags and every kind of abuse you could ever imagine.

Your teen kids use MySpace. Over 70 million "kids" use MySpace. Over 26 million uniques per day hit this site. It's the largest magnet in the world for every kind of teen abuse you could imagine including but not limited to Spyware, identity theft, spam, and porn of all flavors. It's going to get even worse so take careful notes when you read this entry.

Mom, Dad and kids, read this!

Parents, if your kids use MySpace and or any social networking site, you must become involved with them. If your not willing to follow a few simple steps, I guarantee you that your kids will be abused so either do what I suggest or unplug the Net. Try this:

1. Engage your kids. Make it a family affair and ask them where they surf. Do it together and talk about the Net at dinner. WARN your kids and continue to monitor their actions in a non threatening manner. Surf together and share sites to bring the family closer together.

2. Profiles and all data on MySpace should NEVER use real names, DOB, phone numbers, and addresses. Use a screen name and don't post any personal data.

3. Don't click on any strange links or even read any strange messages from anyone, unless they are from a trusted friend.

4. Every machine in your home and or workplace which uses the Internet must have the following properly installed and running:

- Anti Virus Software with current profiles

- Anti Spyware Software with current profiles

- Anti Spam software with current profiles

- A Firewall with current patches/updates. I prefer a hardware solutions but software is better than nothing.

- Run the "Windows Update" on a regular basis

5. Share these tips with your friends and neighbors.

The latest MySpace abuse

Maybe you think I'm kidding or over reacting. You better read this tale of Spyware. The latest scam by the Spyware slime bags involves a software pitch which permit MySpace users to see who is viewing their profile pages. It's spreading like wild fire via a MySpace bulletin which is really SPAM and asks the kids to visit www.myfriendspy.com. Naturally, the promise of this software is false but you landed on the page and are hit with prompts to install Zango. The check box (over 18) is already checked and you can't read the TOS/EULA for Zango because the box/container is so small. You can't even copy the text to Notepad to read it. Yea its FREE but guess what, install Zango and you enter Spyware hell: multiple pops and so much advertising that your machine becomes way to slow to use and uninstalling it will definitely be another trip to Hell.

The future is grim

The criminals will continue to exploit your kids via MySpace and every other major Social Networking site. It's going to get even worse until the owners of these sites SUE the abusers, figure out a legal way to try and send them to JAIL, and keep doing this until these abuses diminish.

If you run a business and your employees have Net access, you better formalize your MySpace policy and my thoughts are rather simple to understand, your using my Computer at work, even if it's your own time so I'm going to ban/block these sites and if I catch you on them, your toast and that means termination.

Posted by Steve_S

November 11, 2006

BotMaster Criminal Jeanson James Ancheta pleads guilty and gets 57 months (almost 5 years) in federal prison.

While I'm overjoyed to see this Spyware Affiliate, hacker, cracker, BotNet slime bag, and criminal go to federal prison, I'm going to examine the enablers. Jeanson James Ancheta admitted generating for himself and an unindicted coconspirator more than $107,000 in advertising affiliate proceeds by silently downloading Spyware/Adware to more than 400,000 infected computers that he controlled. Ancheta was also ordered to pay approximately $15,000 in restitution to the Weapons Division of the United States Naval Air Warfare Center in China Lake and the Defense Information Systems Agency. He also forfeited to the government more than $60,000 in cash, a BMW automobile and computer equipment.

Enabler #1 - Mom and Dad

Your nearly as accountable as your son. Let me get this straight, your 19 year old kid sits in his bedroom all day and spends large amounts of money without a real job, yet YOU do nothing. Your offspring spends $600 a week on new clothes and car parts, yet you don't become involved. Your tears and that of your family mean zilch to me. Engage your kids. Learn exactly what they are doing. Take a College course and ask your friends. Read my entry on parental involvement to combat abuse.

Enabler #2 - The Unindicted coconspirator

This "partner in crime" resides in Boca Raton, Florida and uses a screen name of "SoBe". The legal papers in this case have additional details so it's obvious that the FBI and other authorities know where he lives and his real name. Since this criminal is a resident of another state, I can understand why he was not part of this legal action. However, lets get him and send him to jail for at least 5 years. If he is to young to go to federal prison, lets get Mom and Dad and send "SoBe to a juvenile detention facility for 5 years.

Enabler #3 - Hosting/Dedicated Server providers

Ancheta and his partner needed dedicated servers to run their IRC channel and BotNet, which infects computers. The following companies provided dedicated servers for this criminal activity: EasyDedicated, FDCServers, The Planet, and Sago Networks. It's clear to me that these hosting Companies are enablers. Why would ANY hosting company let a client run an IRC channel/service on their boxes? Where were the alerts for all the traffic these criminals BotNets generated, inspite of the fact that none of them ran a Web Site (Port 80). Lets get serious and terminate these accounts without turning a blind eye for money.

Enabler #4 - The Spyware Companies

Ancheta admitted generating for himself and an unindicted coconspirator more than $107,000 in advertising affiliate proceeds by silently downloading adware/Spyware to more than 400,000 infected computers that he controlled via his IRC channel/service and BotNet. He earned money from the following Spyware enabler programs: GammaCash, and LoudCash. LoudCash was owned by CDT, Inc and CDT was acquired by 180solutions in April of 2005. This company is currently known as ZangoCash.

Naturally, the "rogue affiliate" excsue rears it's ugly head. I can hear the chant, "Ancheta and partners were Affiliates who crossed the line and violated our own Network policies." HA! I'm not buying it. My back of the envelope calculations indicates that total payments of $107,000 represents at least 300,000 silent downloads of Spyware which these companies paid Ancheta for. ALL without a valid web site and forged HTTP referals. Where was the spot check on the site which referrred the download. This is easy stuff! Go look at the sites! Does the whois owner of the referring site match your affiliates name and address via whois? Did you Spyware enablers provide your mentally challenged Advertisers with a "make good" for these non compliant installs? I think NOT. In my world, each and every one of these Companies needs to be sued and hopefully senior management will spend time in federal prison after the appropriate court/legal procedures.

Fianl thoughts

Ancheta also sold the use of his BotNets to other criminals. These payments used PayPal (owned by EBay) to transfer funds and it appears they cooperated but I'm still woundering why they also didn't sue lots of folks. Matter of fact, I can't recall ANY legal action started by PayPal. Tips for PayPal: your service is the money laundering capital of the world. Criiminals like Ancheta and the folks who rented his BotNet are using your service to transfer money. FREEZE their funds without warning and then SUE all of them. Exactly how hard is that to understand.

Sources for the entry:

Grand Jury Inditement

Press Release - US Attorney, Los Angeles and another US Attorney Press Release

http://www.thejournalnews.com/apps/pbcs.dll/article?AID=/20060501/BUSINESS01/605010305/1066

Posted by Steve_S

October 07, 2006

Additional data on the FTC default Judgment against Spyware kings Sanford Wallace, Smartbot.Net, OptinTrade and Jared Lansky. Answers to your emails on this issue. Other Spyware players involved in this case exposed.

Your insightful emails warrant another entry on this issue. Featuring additional Spyware "conspirators" named John Robert Martinson and Spy Wiper, Spy Deleter, Odysseus Marketing and its principal, Walter Rines, plus a litany of additional characters. All of which reads like a "Mafia Conspiracy" because in many respects, that's exactly what it is. Finally, my thoughts on serious JAIL sentences for these Spyware players.

Reader "Susie" asks: How did the FTC arrive at the 4 Millon dollar plus default Judgment against Sanford Wallace?

The FTC obtained numerous internal documents to trace the exchange of money between Sanford Wallace/Smartbot.Net and his partners. Consider some of the "partnerships" which Wallace formed with like minded Criminals. In all cases he was paid lots of money. The net net is over 4 million dollars changed hands which the FTC traced. The FTC says:

"Defendants' course of conduct in marketing Spy Wiper and Spy Deleter has no benefits to consumers or competition . 39. Therefore, Defendants' practices in marketing Spy Wiper and Spy Deleter described above are unfair and violate Section 5 of the FTC Act, 15 U .S.C. § 45(a) . 40. Defendants generated revenues through exploiting vulnerabilities in the IE web browser to download and install software programs and distribute advertising on behalf of others, including, but not limited to, CDT, Inc. ; Friendfinder Network/Friendfinder, Inc. ; Internet Traffic Pros. Inc . ; Mindset Interactive, Inc . (Broadspring) ; Odysseus Marketing, Inc.; PKW Interactive, LLC; Quadrogram LLC; RK NetMedia, Inc., SI National, LLC, Web Entertainment Group, Inc ., Wild Media, LLC (Overpro), and numerous other companies managed by Co-Defendants OptinTrade and Lansky. See S . Schools Dec . Default ¶¶ 16-18 ; J. Lansky Dec. ¶¶ 5-7 ; and Declaration of Kenneth Kelly, attached as Exhibit 2 to the Federal Trade Commission's Memorandum In Support of the Motion for Judgment By Default, Entry of Permanent Injunction and Order for Disgorgement Against Defendants Sanford Wallace and SmartBot.Net, Inc . (K. Kelly Dec. ) Defendants also generated revenues through exploiting vulnerabilities in the IE web browser to market products on behalf of others, including, but not limited to, Co-Defendants John Robert Martinson ("Martinson"), Spy Wiper, Inc . ("Spy Wiper"), and Spy Deleter, Inc ."

Source: http://www.ftc.gov/os/caselist/0423125/WallaceFinalJudgment.pdf

Reader "broken arrow" asks: Can you provide more details on exactly how they earn money from Spyware?

It's a complex issue but lets start with how these like minded folks form partnerships. Some of the major players were formerly involved in Spam. Some have prison records like John Robert Martinson. Both Martinson and Wallace have multimillon dollar Judgments against them for their previous Spam activities. Here are a couple of methods which I have simplified:

1. Wallace strikes a "deal" with Martinson to sell Spy Wiper and or Spy Deleter. Wallace earns around 30% of each sale. To insure his sales, Wallace first infects the surfers machine with Spyware, then blasts pops at the surfer which indicate their machines are infected and they need to purchase Spy Wiper and or Spy Deleter ASAP. Wallace creates the problem and then participates in the revenue generated from the sales.

2. Wallace needs traffic to his sites and or Wallace needs methods to deliver his Spyware to surfers computers. He "partners" with OptinTrade and Lansky who acts as a "front man" and this "ad broker" buys banner impressions with major Netowrks and all of the Companies I listed above. Both Lansky and Wallace participate in the revenue stream as these companies (listed above) pay money to other parties for delivering their Spyware/Advertisement. The FTC obtained internal documents to trace the flow of money in this relationship and slams Lansky with a default Judgement for 227K.

Source: http://atlanta.creativeloafing.com/2004-08-12/cover.html

Unfinished Business

This action was amended by the FTC to include an additional Spyware player named John Robert Martinson who sold Spy Wiper and Spy Deleter. I hope the FTC purses him.

"Dated 4/8/05

Through this action, the FTC is seeking to name as additional defendants Optintrade, Inc.; Jared Lansky; Mailwiper, Inc.; Spy Deleter, Inc.; and John Robert Martinson. The amended complaint alleges that, on behalf of the Seismic defendants, OptinTrade, Inc., and its principal Jared Lansky disseminated Internet pop-up ads causing consumers’ computers to be sent to the Seismic defendants’ Web sites, to have their Web browser home pages changed, and to have spyware and other software installed without authorization. The amended complaint also alleges that Mailwiper, Inc.; Spy Deleter, Inc.; and John Robert Martinson retained the Seismic defendants to unfairly market the purported anti-spyware products, Spy Wiper and Spy Deleter."

Source: http://www.ftc.gov/opa/2005/04/fyi0526.htm

The FTC currently has a seperate action against another Spyware Criminal:

"In a second case, the FTC charged that Odysseus Marketing and its principal, Walter Rines, lured consumers to their Web site by advertising bogus software they claimed would allow consumers to engage in anonymous peer-to-peer file sharing. According to the FTC, the spyware and other software bundled with it hijacked search engines and reformatted search engine results, placing Rines’ clients first."

Source: http://www.ftc.gov/opa/2006/05/seismic.htm

What really needs to happen. Send them ALL to JAIL!

Many of these Spyware players belong in Federal Prison for 10 to 20 years. Unfortunately, none of the legal procedures and cast of characters which I have documented involve criminal/jail time charges. They are all civil actions. We need laws and or aggressive legal actions to accomplish this. To support my thoughts please consider this:

1. A criminal brakes into your house and steals millions of dollars or even lesser amounts then this criminal would go to jail after "due process". This happens all the time. If this same criminal stole millions from a Bank via either a break in and or a white collar crime, they would certainly find themselves in jail after due process. This happens all the time.

2. Exactly who are we kidding. Some of the players I have documented above already have multi-millon dollar money Judgments against them. They simply view this as the cost of doing business since they don't pay and then they continue to abuse and exploit Internet users with new techniques.

3. This case documents over 4 million dollars. A HUGE amount of moeny changed hands and millions of computers were damaged/infected. I can't imagine any other type of criminal activity with these dollar amounts and inflicted damage which would NOT involve jail time.

Posted by Steve_S

May 06, 2006

FTC wins HUGE default Judgments against Spyware criminals: Sanford Wallace, Smartbot.Net, OptinTrade and Jared Lansky.

This case was originally filed in Oct. of 2004. Finally, we have a resolution to the issue. We will trace Sanford Wallace's own comments while the case was pending and provide guidance for you.

Some people never change

Sanford Wallace is a name you probably remember from his days as one of the worlds largest Spammers via Cyber Promotions. When this dried up for "Spamford" via numerous law suits he "retired", and eventually moved into Spyware via drive by silent downloads, front men to buy Campaigns and continued to make money using these deplorable techniques.

Let's take a look at exactly what Sanford Wallace said about his Spyware actions. In these posts he is using a user name of "lwrules" and as the former owner of this Forum, I can tell you with 100% assurance that it's really him:

His words before the FTC sued him:

"First off, Passthison's change in business model addresses silent downloads, not active-x.

With that said. If using active-x increases your eCPM enough to compensate for loss of *some* visitors, then there is absolutely ZERO reason *not* to use it in my opinion.

By using active-x, you are seeking PERMISSION to install software. Assuming you do so in a way that is not designed to TRICK your users into downloading anything, then you are doing ASBOLUTELY NOTHING wrong and it is within your rights to do so. Just like pop-ups, if you use active-x to monetize your site, it's your decision. In my experience, I don't believe it will scare away too many visitors as long as you don't popup too many screens per session."

Source: http://www.geekvillage.com/forums/showthread.php?s=&threadid=24806

AFTER the FTC sued him in this case he said:

"Also this whole claim of creating a problem and selling the solution is not as clear cut as the FTC puts it in its complaint. There are a lot of issues here.So go on and continue making 12 cents per 1000 impressions and pat yourselves on the back for doing the right thing."

"The FTC is painting a picture of us creating a malicious problem and then selling the solution. That is a convenient, press friendly allegation."

"The truth is we never did anything with the intent to damage anybody, nor do I believe we used exortion type marketing. We never attempted to interfere or burden people anymore than pop-ups and other aggressive ads would interfere with a computer's operation."

Source: http://www.geekvillage.com/forums/showthread.php?t=25621

The FTC and the courts think otherwise. Mr. Wallace owes 4 Millon plus, your thoughts and actions are deplorable and your justifications are false. The FTC says:

"For Release: May 4, 2006 - A default judgment against Wallace and Smartbot.Net orders them to give up $4,089,500 in ill-gotten gains. The order also bars them from downloading spyware onto consumers’ computers; from downloading any software without consumers’ consent; from redirecting consumers’ computers to sites or servers other than those the consumers selected to visit; from changing any Web browser’s default home page; and from modifying or replacing the search features or functions of any search engine. A settlement with defendants OptinTrade and Jared Lansky, bars the same practices that are barred in the Wallace and Smartbot.Net judgment. Lansky, an ad broker who disseminated ads containing Wallace’s spyware, will give up $227,000 in ill-gotten gains."

Source: http://www.ftc.gov/opa/2006/05/seismic.htm

The defult Judgement: http://www.ftc.gov/os/caselist/0423125/WallaceFinalJudgment.pdf

The front man: OptinTrade and Jared Lansky ordered to pay 227K

Part of this deception was to use this front man who is acting as an "ad broker". Lansky purchases Campaigns from well known Networks like Advertising.com, starts the Campaign with compliant NON Syware creatives, and then Wallace and Lansky slip streams his Spyware laden creatives into the "banner stream" over the weekend, and then cancells the Campaign on Monday morning.

My final thoughts

Affiliate Programs and all Advertising Netowrks MUST perform "due dillegence" BEFORE you partner with anyone on planet earth. So Lansky is an "ad broker" and you let money drive the partnership with this "Criminal" as opposed to actually conducting due dilligence and placing ALL new clients on a provisional basis so they don't have access to their banner stream to switch creatives without your exspress prior permission.

Unfortunetly, none of these legal procedures involves jail time. In my world, all of the Spyware cases would involve time in federal prison for 10 to 20 years. This would be the ultimate hammer!

Some of the threads I have posted contain comments from Webmasters/Publishers. Lots of these folks think its fine to infect, damage, and exploit their site visitors via Spyware in exchange for money. More law suits against Publishers are needed and it would certainly be nice if a few of them could also spend 10 to 20 years in federal proson.

Edited Insert: A very personal piece of advice for Sanford Wallace

Sanford, I've seen and heard your "DJ" gig in Vegas. Your very good. Some of these DJs make over 100K per year. You have all the talent and exposure to do this. Stay OFF the Internet, pay back all the money you owe the FTC (4 MIllion plus) via monthly payments, and continue to enhance your DJ career. Thanks to Brian for the initial News of your DJ gig at http://spamkings.oreilly.com/archives/2005/01/no_more_exploit_1.html

Posted by Steve_S

February 20, 2006

Additional Data about Dale Begg-Smith & AdsCPM: A Spyware distributor and Olympic Gold Medal winner

Learn additional facts not published anywhere else about Dale Begg-Smith and his Spyware distribution. Including my very own emails, his IP data, and much more. This entry is a follow up to my original post which you should read first.

New and exciting data for your reading pleasure

1) I previously reported that Dale Begg-Smith was a banned member of the GeekVillage Forums and posted in this thread. The post is signed "Dale Begg-Smith" and the member name he used was "adscpm". During this period of time (5/2002) I owned these forums. I sold same in 10/04. Part of my duties was to warn members when they violate the rules. In this respect I sent the following email to member adscpm/Dale Begg-Smith. Please carefully note the email address of this member:

From: "Webmaster of GeekVillage"
To: dale@adscpm.com
Subject: NOTICE: your post removed from geek/talk Forums at GeekVillage.com
Date: Wed, 8 May 2002 12:09:44 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200

RE: member adscpm

Hello,

Please do not "push" threads to the top of the Forum list with an
unnecessary post. This violates our Rules and Posting Guide.

Your "push" post is no longer visible on the BB.

If you wan't more exsposure then please consider paying to advertise.

Thank you in advance for your anticpated cooperation.

Best regards,
Steve Shubitz
Webmaster/Owner
http://www.GeekVillage.com
Tribal communication with like minded
natives at it's very best!

------------- End of email ---------------------

2) During the period of time (5/2002) that member adscpm/Dale Begg-Smith was posting and using the GeekVillage Forums, my own records indicate that he used the following IP and only this IP which is retained by the vBulletin script which runs this Forum:

142.173.11.206

This IP is and was located in Vancouver, British Columbia, Canada where Begg-Smith lives/lived and ran his Spyware Network. The owner of this IP and the Class C block was his ISP who is:

Stentor National Integrated Communications Network
OrgID: STEN
Address: 110 O'Connor St., Floor 3
City: Ottawa
StateProv: ON
PostalCode: K1P-IH1
Country: CA

3) When I penned my original entry on Dale Begg-Smith I was also aware of the following press release which states:

"San Diego, CA, Nov. 11, 2002 -- ValueAd has been selected by AdsCPM Network, a revolutionary pop-under internet advertising company, to provide full-service, customized advertising solutions for its customers. As the buyer of pop inventory of high-traffic sites, AdsCPM Network needed a respected online media delivery technology and advertising group, and chose ValueAd for its world-class, customized solutions and proven expertise in this field, and its dedication to customer service."

"ValueAd AdXpress technology allows my customers to manage their campaigns and provides incredible targeting capabilities, said Dale Begg-Smith, President, AdsCPM Network, Canada. A bulletproof stable system (available) for a fraction of the price of their competitors has increased my profits 200%" Source - which indicates a date in 11/2002. Just in case this page is removed, you can also view the same page via the Internet Archive.

Obviously, both parties (ValueAd and AdsCPM) have an understandable and appropriate financial interest in seeing that the other party suceeds. Other parties have questioned the validity of the press release sited above, so lets document the relationship with additional details. In this respect, I sent the following email warning to member "ValueAd" which should in fact help support the validity of the original press release noted above. The email:

From: "Webmaster of GeekVillage"
To: "HostMaster" hostmaster@valuead.com
Subject: ABUSE NOTIFICATION - URGENT - from Steve Shubitz at GeekVillage.com - URGENT
Date: Fri, 19 Jul 2002 11:08:31 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200

RE: member ValueAd
Hello Vlad,

Thank you for your contributions.

I have reviewed your first post in the following thread:

http://www.geekvillage.com/forums/showthread.php?s=&postid=102305

We have the original post which was:

ADSCPM.com
I would recomend ADSCPM.com for popups

Vlad Kogan
www.valuead.com
---end

The nature of this thread is a WEBMASTER looking for recomendations from other Webmasters on the best pop companies to use on HIS SITES. Please carefully READ the original topic starters post.

Your original post is a clear an absolute violation of our Rules and procedures. See the edit of your post for an explanation. Please insure that this does not happen again.

As much as I like you as a person and your lovely wife, I have a Community to run with rules that must be inforced. I'm truly sorry if you find our rules not to your liking. No hard feelings, just leave and never return. Geek/talk is not for everyone.

Please contact me privately BEFORE you post to a thread for guidence and help.

Thank you

Best regards,
Steve Shubitz
Webmaster/Owner
http://www.GeekVillage.com
Tribal communication with like minded
natives at it's very best!

---------------End of email ----------------

Who is Vlad Kogan? Actually, a very nice Geek with outstanding skills whom I have met in person. During this period of time (7/02) my other emails and in person meeting indicate that his position with ValueAd was owner and the VP Business Development. I have determined that in 2005 ValueAd provided technology to AdsCPM. Carefully study the following page from the AdsCPM web site. Please note the text and links at the very bottom of the page.

4) Connecting the dots with another email address: Dale Begg-Smith also used an email address of "prodesigning@hotmail.com"

a. The following thread contains this email address and the post is a complaint by member budsinc of non payment against AdsCPM. AdsCPM owed money to the Budsinc advertising network according to the post. Part of the post reads:

"I am here to make a formal complaint. We have an account with ADSCPM and the webmaster agreed to pay us every 5 days through paypal. Anyway he asked us to e-mail him at his hotmail account with the bank info so we did and here is what followed:

__________________________________________________ __
Hey,,,

I need to know your bank address and your home address please. Since I am
sending from Canada I need some more info.
THanks
Dale

>From: "contact " contact@budsinc.com
>Reply-To: contact@budsinc.com
>To: prodesigning@hotmail.com

--- Snipped --- See original post for more data.

b. The following thread contains a post by member "sumguy" which is dated 4-26-2002 and reads in part:

"You can contact Dale from ADSCPM at their personal address prodesigning@hotmail.com to get more information until the mail servers are back up.

c. Why am I obsessing over the use of this email address? Fasten your hard disk! The following post by "Dale" and using the same email address is very troubling since he is actively solicitng business from warez and cracks sites :

"Name:
Dale

Email address:
prodesigning@hotmail.com

wrote:
Advertising Proposal Hi,

Our popunder has been going for 4 months, now I am ready to buy all the traffic you get to your site. I am willing to pay you $1.5 cpm (per 1000 unique ip's) that you send to my popunder (a popup that loads behind your page so it doesn’t bother your users). I currently have 10 other warez/cracks/appz sites with my popunder on them for 4 months now and I have never missed a payment. They say I am the best advertiser they ever used." --- Source - In case that link dissapears, you can also read the same data via the Google cache which is dated "Feb 19, 2005 11:20:09 GMT".

Conclusions

I hope my additional research has provided enough data to enhance my original entry. The majority of this entry is unique to StopScum.com. Iv'e actually had most of these facts for a number of days and decided to hold them internally. I kept wishing that Dale Begg-Smith would "come clean" but that hasen't happened. If you find my research of value, please contribute to your favorite charity.

The follwoing thread on the GeekVillage Forums contains additional information on this issue. Including a whois "walk back" on Freescratchandwin.com and a civil and respectfull debate on both sides of this issue.

This entry is a follow up to my original post.

Posted by Steve_S

February 16, 2006

Dale Begg-Smith & AdsCPM: A Spyware low life Criminal Distributor wins an Olympic Gold Medal for Australia

You can run but you can't hide. If you fail to answer reporters questions in a candid and detailed manner, lots of folks will poke around and discover your checkered past. You may have won an Olympic Gold Medal, Mr. Dale Begg-Smith who runs/ran AdsCPM, but your checkered past is back to haunt you. February 20, 2006 - Don't miss my follow up article to this entry.

An Aussie starts the ball rolling

Please see this thread on the GeekVillage Forums. Started by the owner (Joshua Smith/ Czar) who recognized the names while he was watching TV and then performed some outstanding research which discovered this low life's checkered past. Dale Begg-Smith of AdsCPM is a banned member of this Community and you can even read his comments before he was banned inside this thread. This thread also contains complaints from members.

The Media Interview with Begg-Smith

"A self-made, Lamborghini-driving millionaire at only age 21, he was a study in composure and precision during his winning run, knees in flawless symmetry and jump landings clean.

He didn't want to talk about his internet ad-tracking business and refused even to give the name of the operation.

"I don't know," he said, when asked repeatedly to name the business he started when he was 13 with his older brother, Jason, also a moguls skier who didn't qualify for the final Wednesday.

"It was like, so long ago. I haven't been doing much on that the last couple years."

Source

Nice try DUDE! Thank you so much for infecting all those machines.

A band of criminals

Like every other Spyware player, they get greedy and continue to do nasty stuff with other sites. Sometimes they try and hide their deplorable actions by taking the site down but that doesn't work. For example:

"Welcome to Adscpm.com. Ranked top 500 on alexa.com, we are one of the highest traffic advertising agencies on the web. Our download partner does 100,000 software downloads a day. Adscpm.com does 20,000,000 pops a day."

Source

- AdsCPM actually ran and hosted http://www3.adscpm.com/FreeMP3Music.exe This exe is loaded with Spyware.

- FreeScratchAndWin also installed lop/rnd and in it's earlier iteration dealt with xzoomy. It has it's own parasite designation and eadgbe appears to be correct that it is affiliated with adscpm somehow

- Xzoomy.com, which is actively running also has the contact info (Mike Cass) domains@adscpm.com. Xzoomy.com was apparently involved in some autodownload via exploit activity (no prompt download).

Special thanks and attribution to Scott Ashman - CTO Jaspin Interactive for the 3 Spyware connections noted above.

How about a cross check for these allegations? Try this: The dedicated server which currently hosts AdsCPM.com ALSO hosts:

21 domains found on 69.28.210.140

www.0dp.com
www.123expressview.com
www.Adscpm.com
www.Adslimitless.com
www.Adultexpressview.com
www.Advolt.com
www.Cpm-media.com
www.Datecal.com
www.Decknews.com
www.Free-scratch-cards.com
www.Freescratchandwin.com
www.Kill-pop-ups.com
www.Popnugget.com
www.Rebateshoppers.com
www.Searchblend.com
www.Searchprogress.com
www.Softtechltd.com
www.Websearchtv.com
www.Wfgtech.com
www.Xzoomy.com

Advice for Mr. Dale Begg-Smith

1) Return your Olympic Gold Medal. Your checkered past has tainted the Olympics and you don't represent the high moral and ethical standards which the Olympics endorse.

2) Come clean with additional details. Remember, we just started our invesatigation on you!

3) Return all your "wealth" to the Canadian authorities. Including but not limited to your Lamborghini and all the money you have stashed away.

4) Cooperate with the local authorities and provide details of other Spyware players.

Advice for local authorities

Investigate Mr. Dale Begg-Smith to confirm these details. Then use the Olympics connection as a tool to prosecute this Spyware distributor under your local laws which may apply. Imagine the "ink" you can garner by using the Olympics and this Spyware player.

February 20, 2006 - San Diego, California

Don't miss my follow up article to this entry.

Given the fact that Dale Begg-Smith has still not provided details, candid answers, and his complete story with respect to his profiting from the distribution of Spyware, I have started to compile additional research on this issue. Please surf back for my Part 2 entry.

This is a Breaking and Dynamic Story

Time is of the essence since criminals often try and cover their tracks quickly. Additional data and juicy details were just posted.

Please see this thread on the GeekVillage Forums.

Additional resources:

Run a search on the GeekVillage Forums for the term "AdsCPM" via this link which opens in a new window.

All That Glitters is Not Gold... by Wayne Porter - Some additional suggestions for Dale Begg-Smith and other juicy thoughts.

Posted by Steve_S

June 18, 2005

Spyware slime bag uses Flash to silently restore your deleted cookies.

I have no objection to the responsible and ethical use of Cookies. I also have no objection with those users who wish to delete Cookies from their system. Unfortunately, the latest slime bag to crawl out from under a rock thinks it's permissible to silently restore your deleted cookies. Some Networks and Publishers are already using this technique. Fortunately, Macromedia has provided a means to secure your Flash installation and prevent this.

Meet the latest abuser

"The New York company on Thursday unveiled what it calls PIE, or persistent identification element, a technology that's uploaded to a browser and restores deleted cookies. In addition, PIE, which can't be easily removed, can also act as a cookie backup, since it contains the same information."

Source

"According to United Virtualities, a persistent identification element is a Flash object that a bit of JavaScript can tag to the browser of a visitor to a PIE-enabled website in order to restore deleted cookies and act as a cookie backup."

"Mookie Tanembaum, founder and CEO of United Virtualities, justifies his company's technology by suggesting that he's simply trying to help out consumers who are too stupid to know what they want to control: "The user is not proficient enough in technology to know if the cookie is good or bad, or how it works," he is reported to have said. He also said, apparently with a straight-face, that he discourages the abuse of PIE technology to thwart the end-user: "We believe people should use this technology responsibly. If people don't want cookies in place, then (their browsers) shouldn't be tagged." Uh-huh...I'm not sure who he thinks his market is. The company charges marketers $.03 per 1000 impressions (CPM) for use of its "platform".

Source - Copy and paste this link into a new Browser window:

http://www.webpronews.com/it/security/wpn-23-20050603CookiesandPIEAnIntroductiontoFlashSecurity.html

Dear Mookie,

Exactly who are your kidding! Nothing on planet Earth or Mars justifies changing anything on a users system without their explicit permission which is easy to read, short, full of details and displays before any action is taken and requires a check box selection. In this respect your technology is Spyware and since you are located in New York, I've saved you some grief and notified AG Elliot Spitzer.

Mookie, do you know who AG Elliot Spitzer is? Ask Intermix Media who recently agreed to pay 7.5 MILLION to the state of New York for "silent" Spyware installs just like your silent technology. Unfortunately Mookie, I haven't found out which Networks and Publishers are using your new Spyware technology but I promise to find out and then file complaints with AG Elliot Spitzer.

Mookie, welcome to the Spyware club! I'm sure it will enhance your firms image. Don't forget to write me and tell me what other kinds of subversion and data manipulation you plan to do without the users knowledge, let alone their permission.

The FIX for Flash

This data is nearly impossible to find on the Macromedia site. I wonder why? How about a more prominent location so you aren't dragged through the mud as an enabler. Click here and use the Macromedia Settings Manager to secure your Flash install. I set my options to "Ask First" and deleted every site which has already used some aspect of the Flash player for any purpose. I suggest you also Bookmark the Macromedia Settings Manager page and tell all your friends to immediately secure their Flash installation.

Posted by Steve_S

March 06, 2005

Spyware: Pending State Legislation

Given the lack of any current federal Anti-Spyware legislation some States have pending legislation which actually empowers the consumer to take action.

This page contains summaries of all the pending legislation in the USA. California appears to lead the pack with a number of bills which we will summarize.

S.B. 92

This bill would, with specified exceptions, authorize the recipient of spyware or software transmitted in violation of these prohibitions or the Internet service provider to bring an action to recover actual damages, and would authorize these parties to recover liquidated damages of $1,000 per violation. The bill would also provide for an award of reasonable attorney's fees and costs to a prevailing plaintiff. The bill would make the violation of the prohibitions a crime, punishable as either a misdemeanor or felony. By creating a new crime, the bill would impose a state-mandated local program.

S.B. 355

Existing law, the Consumer Protection Against Computer Spyware Act, provides specified protections for the computers of consumers in this state against certain types of computer software. This bill would state the intent of the Legislature to enact legislation that would improve the security of the Internet.

Other pending California legislation

S.B. 96

Peer-to-Peer File Sharing Software: This bill would provide penalties for anyone who sells, advertises or distributes P2P file-sharing software, as defined, and who fails to exercise reasonable care to prevent use of such software to commit an unlawful act. It would authorize fines of up to $2,500, and/or imprisonment in county jail for up to one year.

S.B. 97

Spam Penalties: This bill would make violation of existing law prohibiting using commercial email containing certain falsified, misrepresented, obscured or misleading information punishable as either a misdemeanor or as a felony. It would authorize a fine of up to $2,500, and/or imprisonment of up to one year.

Posted by Steve_S

February 19, 2005

The New Google Toolbar: Just say NO!

In their quest for revenue, the new Google Toolbar permits them to join and embrace a tainted group of "enablers". A collection of individuals/Companies which lack any semblance of ethics and in some cases violate Federal and or state legislation.

The nuts and bolts

A few days ago the Premiere SE in the world and a publicly traded firm who espouses "Do no evil", released Beta 3 of their Toolbar. This Toolbar includes an "AutoLink" feature which effectively paints Google as the premiere "enabler" on planet earth. Google unilaterally enables the alteration of a third parties web site for monetary gain.

A more detailed description

"When Web surfers install the toolbar in their Microsoft Internet Explorer Web browser and click the AutoLink button, Web pages with street addresses suddenly sprout links to Google's map service by default. Book publishers' ISBN numbers trigger links to Amazon.com, potentially luring shoppers away from competing book sellers such as BarnesandNoble.com. Vehicle ID licenses spawn links to Carfax.com, while package tracking numbers connect automatically to shippers' Web sites." Source: CNET News

Stand up and fight back

I suggest that you write Google along with all the major media authors and voice your objection to this deplorable behavior.

Here is an email which I have sent:

Hello xxxxx,
(Reference the article by name and URL)
(Insert a thank you and compliment)

The release of this Toolbar has permanently tarnished Google's image for the following reasons:

1. They are an "enabler". A legal principal which has already been litigated in the following areas: P2P, Gator/Claria/Kazaa, Spamware, and other seedy sectors. Google has joined a tainted group which lacks any semblance of ethics and in some cases violates Federal and or state legislation.

2. Call me "old fashioned" but I still expect the premier SE in the world, a publicly traded firm which preaches "do no evil", whose other statements and actions support and defend IP on the web, not to unilaterally enable the alteration of a third parties web site for monetary gain.

At a minimum, I consider the release of this Toolbar morally and ethically reprehensible.

(Close respectfully and insert your name and Web Site URL)

Continued with additional facts and comments in this article.

Posted by Steve_S

February 17, 2005

Gator, Claria, Vista Marketing Services, and BehaviorLink.com: Some new names but the same old Spyware Parent

One of the primary strategies that some Company's use to rehabilitate their tarnished image is to change their name and form new divisions which are still owned and controlled by the same old Spyware parent company. This strategy sometimes works, so I think it's important to document exactly who a Publisher/Webmaster, Network or Advertiser may decide to do business with.

The name game history

Gator is a privately held firm which was formed about six years ago. They distribute Spyware. Many folks first heard about Gator in 2002 when they were sued in federal court by a gaggle of irate publishers which included The Washington Post Co., the New York Times Co., Dow Jones & Co., Tribune Interactive, Gannett Co., Knight Ridder Digital, Condenet and American City Business Journals Inc. The essence of this suit was the assertion that Gator sells ads on their Web sites without authorization and pockets the proceeds. Gator does not share any revenue with the damaged sites. This legal procedure describes Gator this way: "Gator Corp. is essentially a parasite that free rides on the hard work and investment' of the publishers"

This case was settled privately and as part of the settlement, Gator stopped their morally and ethically reprehensible behavior against the plaintiffs. Having said this, they continue to do this same procedure and or related tricks today under a new Corporate name.

About one year ago Gator changed their name but not their procedures to "Claria Corporation" They are still involved with the following products using the very same Spyware and theft like procedures:

GAIN Publishing®
Kazaa
ScreenScenesTM
WebSecureAlertSM
DashBarSM
Weatherscope®
Gator® eWallet
Date Manager
Precision TimeSM
SearchScout

The Claria Corporation recently saw fit to revise their EULA for Kazaa: "At 5,936 words, the license stretches to 63 on-screen pages as presented by the current Kazaa installer (bundling with Gator). (See screen-shots of the Gator license as presented in June 2004, then requiring 56 on-screen pages.)"

"Here are some notable sections of the license: "You agree that you will not use, or encourage others to use, any unauthorized means for the removal of the GAIN AdServer, or any GAIN-Supported Software from a computer."

"Gator proceeds to list the "authorized means" for removing Gator -- prominently failing to authorize use of popular tools, such as Ad-Aware, Spybot, and Web Sweeper, which millions of users count on to remove unwanted software from their PCs."

"About four thousand words through its license, Gator demands: "Any use of a packet sniffer or other device to intercept or access communications between GP and the GAIN AdServer is strictly prohibited." Source

Talk about CYA! While Gator/Claria appears to have the authority to create an EULA any way they wish, it's apparent to me that the primary goal of this new EULA is not to properly inform a potential user with clear and easy to read terms but rather to confuse them and attempt to limit a consumers rights to install other properly licensed software on their Windows machine. In my 20 or more years of working with software, I have never seen such a long and confusing EULA and I have never seen another company attempt to limit my rights to purchase/license other software.

Finally, if we are to believe the PR spin of Gator/Claria that they are so squeaky clean and embrace the world with their moral high ground and legal compliance, why are they so paranoid about others folks using a sniffer to see exactly what they are doing. What are they hiding? What tricks do they plan to perform which they don't want others discovering?

About a week ago Gator/Claria announced the formation of a new affiliate network called BehaviorLink.com and a marketing division named Vista Marketing Services. The PR releases indicate that Gator/Claria intends to spend over 100 Million dollars to purchase ROS inventory from Webmasters/Publishers and other networks. That's a ton of money to spend and certainly believable since Gator/Gain is a darling of the VC crowd and has already received over 58 million in VC funding according to this article. Additionally, Gator/Claria continues to generate buckets of cash profits as in millions of dollars from their operations and has a huge amount of data on it's 40 million plus users. Finally, their planed IPO and it's infusion of cash also supports this business plan.

Please join the BehaviorLink.com Affiliate Program

NOT! You can expect to see lot's of these pitches in the not to distant future. Networks and or Advertisers can expect a solicitation form Vista Marketing Services. A significant number of these folks won't have a clue of exactly who they are dealing with. Trust me, I've observed this fact for over 6 years.

My suggestion for a response:

BehaviorLink.com (or Vista Marketing Services) is a wholly owned subsidiary of The Gator Corporation. Remember Gator? In a 2002 legal case they were described as: "Gator Corp. is essentially a parasite that free rides on the hard work and investment' of the publishers"

They install Spyware and changed their name to Claria Corporation. Perhaps some of these products which are still distributed by Gator will jog your memory:

GAIN Publishing®
Kazaa
ScreenScenesTM
WebSecureAlertSM
DashBarSM
Weatherscope®
Gator® eWallet
Date Manager
Precision TimeSM
SearchScout

BehaviorLink.com (or Vista Marketing Services) uses a cookie to deliver what they describe as behavioral targeting across multiple member sites. They share this revenue with the members of their network. While I can certainly respect your right to do business with anyone you wish, my own view is rather easy to understand:

Regardless of the monetary reward, I don't do business with any firm who is currently actively involved and or associated with the distribution of Spyware and or stealing revenue from other sites via pops and overlays which users of many of their products see. I consider all these actions, the Company, related parties, and all their divisions morally and ethically reprehensible.

Final thoughts

Yes I'm twisting my words a little in my suggested response. I always prefer to call them Gator since more folks remember that name and it's distribution of Spyware and theft. I also don't get involved in the legality of the issue since I'm not an attorney and many of the pending Spyware laws leave huge holes in them for Gator and it's ilk to exploit. I am also very polite and civil when I engage folks in a discussion. Never resort to attacks, trolling, insults, baiting, hacking, or any other related techniques in an effort to win the argument and convince folks not to do business with Gator, Claria, Vista Marketing Services, and BehaviorLink.com.

Posted by Steve_S

January 10, 2005

Year 2005: The convergence of Spyware, Spam, Viruses and Phishing

This year will be far more dangerous than any prior year. The criminals who engage in Spyware, Spam, Viruses and Phishing have discovered a much more effective way to make your life miserable on the Internet and generate revenue.

Viruses

Industry experts report that over 30% of all viruses contain a "back door". We expect this number to increase in 2005. A back door permits the authors to use your computer as a "zombie/bot" to not only send Spam but steal your confidential data. These actions are significantly different than years past when the criminals were more interested in "ego gratification" and not money. Many of these viruses writers have discovered that they can actually make money using the back doors and will continue to work in concert with all the other abusers.

Anti virus tools are no longer an option. They are required. Insure that your definitions are always current and do not use or surf the Internet until these tools are properly installed.

Spam and Phishing

Broadband usage has increased to around 50% in the USA. This permits Spammers to send more junk email in a given hour via your infected machine than ever before. Have you noticed the increase in Phishing via email? It's going to get worse and these folks have discovered that they can also produce viruses that steal your confidential data. When email reaches the saturation point more of the Phishing criminals will use web sites to silently install Spyware which also grabs your confidential data.

Spyware

We still don't have any federal legislation which prohibits Spyware. Only recently (1/4/05) did California Rep. Mary Bono again introduce into Congress H.R. 29, known as the "Spy Act". This bill requires that Web companies obtain consumers' consent before placing software on their computers. Last year, the same legislation passed in the House by a 399-1 vote, but was not voted on by the Senate. This lack of federal legislation encourages the Spyware criminals and those who benefit from it to become even more aggressive. Benjamin Edelman recently documented a single click which installed the largest number of Spyware programs I have ever seen. The details from a single click while using the Windows Media Player:

"...including at least the following 31 programs: 180solutions, Addictive Technologies, AdMilli, BargainBuddy, begin2search, BookedSpace, BullsEye, CoolWebSearch, DealHelper, DyFuca, EliteBar, Elitum, Ezula, Favoriteman, HotSearchBar, I-Lookup, Instafin, Internet Optimizer, ISTbar, Megasearch, PowerScan, ShopAtHome Select, SearchRelevancy, SideFind, TargetSavers, TrafficHog, TV Media, WebRebates, WindUpdates, Winpup32, and VX2 (DirectRevenue). (Most product names are as detected by Lavasoft Ad-Aware.) All told, the infection added 58 folders, 786 files, and an incredible 11,915 registry entries to my test computer. Not one of these programs had showed me any license agreement, nor had I consented to their installation on my computer."

While we have not yet seen a significant number of Phishing criminals using these installs to steal your data, we will.

Summary - New definitions

This convergence of criminals can be confusing so let me try and summarize it:

1. Viruses with a "back door" should also be thought of as tools for Spyware authors, Phishing expeditions, and using your machine to send Spam.

2. Spam will continue to increase largely because these criminals will use infected machines to send it.

3. Expect new ploys to emerge for those on a Phishing expedition. More use of Viruses to steal your confidential data, creation of fraudulent ecommerce sites, creation of fraudulent escrow services, and more.

4. Spyware criminals and those that benefit from it will continue to increase. No longer content with silent installs and or poorly documented installs, they will turn to new methods. A Virus with a back door will be the new tool for 2005.

Posted by Steve_S

December 04, 2004

Your computer is infected with Spyware aka Adware. The fix.

Millions of Computers are infected with Spyware which is also known as Adware. It's the single greatest problem facing the Internet. Perpetuated by "quick buck" companies and Webmasters. You would be wise to consider surfing the Internet a very dangerous procedure and you must take the necessary precautions to prevent the infection of your Windows computer. If you are unwilling to take these precautions, I suggest you unplug and take a long walk on the beach.

The tender traps. Let me infect you!

It's free so I download it. Let me scan your system. Surf to my site and I can't wait to infect your system. These ploys and others often infect your system with Spyware/Adware. The results can be scary or in many cases render your system unusable. These programs may open your CD drive, change your Browsers start page, splatter pop ups as you surf, send your confidential data back to the infectors website, steal your passwords, steal your credit card data, and hijack your surfing habits so you are redirected to another site you never wished to visit. Can't I just uninstall these programs? In many cases you can't using the Windows Add/Remove Control Panel. The morally and ethically reprehensible folks who create and distribute Spyware/Adware have made sure of this.

Tools of the trade to prevent infection and or clean your system. Use both!

Spybot - Search & Destroy - A free Windows application to scan for spyware, adware, hijackers and other malicious software. Download and install the latest version. Next, run the Search for Updates to insure you have the latest data. Finally scan and clean your system. Don't forget to make a voluntary donation which insures that this valuable application will stay around and continue to be improved.

Ad-Aware SE Plus - This is not the free version. This version costs $26.95 and is worth every penny. One of it's major features is the ability to write protect system files. This prevents the infectors from altering your Registry file which is the major point of entry for all the Spyware/Adware applications. Purchase and download the latest version. Next run the check for updates and finally scan your system.

I have used both applications for years and they work. I suggest you use both since Spybot, which is Free, may catch an infection that Ad-Aware SE Plus misses and visa versa. Keep your updates current and scan your system on a regular basis. Insure that you also run the Windows Update via your Start Menu and you will be a happy camper.

You will notice dozens of other applications which tout themselves as "Anti-Spyware" and some even offer to scan your system free of charge. Just say NO to all of these applications. Some of which are designed to infect your system with a free scan. The only site in the world which I permit to scan my system is the Windows Update site. I've yet to see any other application which is better than the Spybot plus Ad-Aware SE Plus combination. No need to believe me. Carefully examine the sites of these other applications and look for a feature comparison chart with both of the applications I recommend. Don't count on a Webmaster for an honest evaluation of what works. Most don't care and are only interested in receiving a commission for the sale of another product.

Posted by Steve_S

November 19, 2004

Watch a video of Spyware infecting a system

Infecting computers with silent and or "trickery based" permission
systems is sometimes hard to explain to folks. Ben Edelman has posted a video of these actions on his site.

His video documents the following firms who produce this software which was silently installed on a Windows XP system:

"180solutions, BlazeFind, BookedSpace, CashBack by BargainBuddy, ClickSpring, CoolWebSearch, DyFuca, Hoost, IBIS Toolbar, ISTbar, Power Scan, SideFind, TIB Browser, WebRebates (a TopMoxie distributor), WinAD, and WindUpdates. (All programs are as detected by Ad-Aware.)"

I decided to take a look at the 180solutions privacy page in an effort to determine who is telling the truth and who is either lying and or complicit in this morally and ethically repugnant behavior.

You be the judge from their privacy page copy:
"Our programs are only downloaded with user consent and opt-in."

"We do not display non-permission-based advertising such as banner ads or pop-ups. All of the sponsor websites served by 180solutions are easily closable browser windows clearly identified as “Brought to you by the Zango Search Assistant” or “Brought to you by the 180search Assistant.”

"All 180solutions’ third-party distributors are required to clearly label that our programs are bundled with their products and to provide consumers with the option to agree to the licensing agreement before they install it. We police distributors to ensure our disclosure rules are adhered to and we
prohibit “drive-by” or “silent” installations. Our code of conduct requires that the user is fully aware of and agrees to our End User License Agreement (EULA). "

Take special note of the 2 graphic images at the very bottom of the page and arrive at your own conclusions. Ben Edelman has also written about the cookie-stuffing actions of 180solutions,which effectively steals commissions from Webmasters.

Posted by Steve_S