Wednesday, February 23, 2005

Spyware Snags Blogger Users

By Matt Hicks
“Weblogs are spreading more than opinions and observations across the Internet. Some are beginning to propagate malicious software downloads that can alter browser settings, track users and serve pop-up ads.

Dozens of blogs hosted by Google Inc.'s Blogger service can install programs that are widely considered to be spyware and adware onto visitors' computers, warn users and spyware researchers. In many cases, users are discovering the offending sites as they browse among blogs through Blogger's navigation bar.

Alvin Borromeo, attorney, of Columbus, Ohio victim of spyware from a Blogger-hosted blog wrote about the problem in a post in January on the blog of his law firm, Mallory & Tsibouris Co. LPA. He posted an update with Blogger's reply to his inquiries.

He reached a blog that installed spyware on his Windows computer after clicking the "Next Blog" link in the Blogger navigation bar. Then he noticed pop-up ads appearing and that his Internet Explorer home page was changed.

In August Blogger introduced the navigation bar atop blogs that it hosts at blogspot. The bar is optional for Blogger users with their own Web hosting.

"It was very surprising," Borromeo said. "It's something that you'd expect that Google would be up on, and it came as a shock to me that I would get [spyware] through this avenue."

He added a warning to the law firm's blog about the potential for spyware downloads when navigating blogs and later moved his blog to the firm's own host in order to remove the Blogger navigation bar.

"I don't want my users going onto my blog and then clicking that next link and getting spyware downloaded onto their system," he said.

Many of the affected blogs on Blogger had included JavaScript code in their templates that pointed to a service called iWebTunes. The iWebTunes Web site provides few details about the service and no contact information, but the service appears to promise blogs the ability to play music while it also serves up downloads for spyware and adware.

A Google search on iWebTunes and Blogspot, the name of Blogger's hosting service, yields pages of blog results. When eWEEK.com visited about five of the blogs, they displayed pop-ups in Internet Explorer with misleading prompts to accept downloads.

When one download was accepted, it installed the EliteBar, which disabled other IE tool bars, including the Google Toolbar; changed the browser home page to SearchMiracle.com and began displaying pop-up ads even when IE was closed. ”

http://www.eweek.com/print_article2/0,2533,a=146399,00.asp
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)