Today, we at StopBadware, along with our friends at the Center for Democracy and Technology, are filing our first complaint to the FTC about a badware application, called FastMP3Search Plugin.
As Christina Olson put it on the SBW blog, we are highlighting “FastMP3Search.com.ar for distributing badware to unsupecting Internet users. FastMP3Search.com.ar is a site that offers MP3s for download— however, it requires users to download a plugin in order to download these songs. … This FastMP3Search Plugin (reviewed by StopBadware here) is one of the worst applications that StopBadware has ever seen. Not only does it secretly install additional software, but the software it installs includes adware, Trojan horses, and a browser hijacker—and these applications download even more applications in turn. What’s more, FastMP3Search disables Windows Firewall without the user’s permission, thereby allowing it to download all these malicious applications without Windows alerting the user to their badness. These applications then change the user’s homepage, pop-up numerous advertisements (mostly for rogue anti-spyware applications), and hog system resources, which caused our test computer to slow down and randomly freeze.”
The complaint to the FTC is here. The report on FastMP3Seach.com.ar is here.
The big issues in this case are two:
1) FastMP3Search.com.ar’s application includes many of the worst attributes of badware, all in one inconvenient bundle. It’s a parade of horribles. Among other things, the application can disable your firewall on your PC without letting you know, in addition to giving you all manner of pop-ups, a trojan horse, and so forth.
2) This matter highlights the challenge of fighting bad applications that are (presumably) hosted and developed in places far from where the impact is felt, in some cases. So, in this instance, we couldn’t find the developers of this bad application to tell them, as we endeavor to do in advance, that we were issuing a negative report about them. Their site is registered under the Argentinian country code, but there’s no particular reason to believe that the purveyors of the application actually reside there. The impact of the application is felt in many jurisdictions outside of Argentina, or wherever the home of the purveyors may be. The US FTC, and its counterparts around the world, have an extremely tough job when it comes to such an application. The FTC deserves a lot of credit for its work to combat badware, including recent actions to shut down some of the applications that CDT and StopBadware and others have complained about. The FTC also has done terrific cross-border work in the spam and online fraud contexts.
We hope that by highlighting this application and by bringing this complaint, we can both raise consumer awareness about this bad application and encourage the FTC to take action against those who seek to profit from it. We are particularly grateful to our partners at CDT, including Ari Schwartz and his team, as well as the Berkman Center’s clinical program, led by Phil Malone, which helped in preparing the complaint.
The “WHOIS” info pasted above, in the first Comment, shows Name Intelligence, Inc as the **Registrar**; that is, the actual host is Private, and is not reporting itself to WHOIS. Thus, there is no particular connection between “Bellvue, WA” and the Argentine site, other than that the one registered it’s domain via the other, and Name Intelligence permits Private Registration.
It’s similar to seeing the phone number of a hotel on Caller ID, but not the Room Number of the actual caller.
I would consider Name Intelligence as a Correspondent or Witness for the complaint. To me (no legal expert!) there is Apparent Intent and actual vandalism (the victim loses the use of his property) so there should be criminal charges.
Are you aware of the damage you’re doing to innocent small businesses because of the really, really slow handling of appeals?
Google is violating their core principals of 1. speed, and 2. Do no evil, by putting up nasty warnings which presume harmful intent, and then handing you the mess to clean up with your understaffed appeals process.
Why not just let Google have that resposibility?
The other big JS gripe is debugging on IE. Nope, sorry, that works really well too
fastmp3search.com.ar is down many months ago
You will never get good results trying to shutdown this small affiliate sites because one get closed and hundreds start everyday.
If you really want to stop badware, then go for the people that are making all the money and paying per install, not the affiliates.
Take a look here:
This pay per install industry is the real responsible that many small affiliates distribute badware for just a few cents.
BTW i guess that many of them are located on the US unlike their affiliates that are from anywhere and maybe some of those foreign affiliates are just kids.
google erronous states that our site http://www.gma-nitsa.gr is a badware source
we have check and recheck our site and the only possible source of badware can be the google adsense advertisments.
if *anyone* can provide us with some insight (google doesnt give much and we still wait for stopbadware to check our site) please do.
thank you very much