Thursday December 18th 2014


Interview with an adware author



Philosecurity has an interview with Matt Knox, a former coder for Direct Revenue, an adware company which was sued in 2006 by New York governor Eliot Spitzer. The interview contains some interesting details of how the adware code worked internally: it created a Browser Helper Object, then kept that Browser Helper Object alive with a poller that checked every ten seconds and regenerated it if it had stopped running. The poller ingeniously masked itself partly by exploiting Windows' CreateRemoteThread function to run itself as a series of threads instead of as an executable.
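For anyone cleaning up a machine with this kind of infestation, the PowerShell function below inventories every registered Browser Helper Object, resolves each CLSID to the DLL the browser loads, and reports that DLL's Authenticode status. It is an added example, not code from the interview or from Direct Revenue; the function name `Get-BhoInventory` is hypothetical, and the registry paths are the standard machine-wide BHO registration locations.

```powershell
# Added example: audit machine-wide Browser Helper Object (BHO) registrations.
# Get-BhoInventory is a hypothetical name chosen for this illustration.
function Get-BhoInventory {
    [CmdletBinding()]
    param()

    # Native and 32-bit (WOW6432Node) registry views, each paired with the
    # CLSID tree that holds the COM registration for that view.
    $views = @(
        @{ Name = 'Native'
           Bho  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
           Cls  = 'HKLM:\SOFTWARE\Classes\CLSID' },
        @{ Name = 'WOW64'
           Bho  = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
           Cls  = 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID' }
    )

    foreach ($view in $views) {
        if (-not (Test-Path -LiteralPath $view.Bho)) { continue }

        foreach ($key in Get-ChildItem -LiteralPath $view.Bho) {
            $clsid  = $key.PSChildName
            $inproc = Join-Path (Join-Path $view.Cls $clsid) 'InprocServer32'
            $dll    = $null

            if (Test-Path -LiteralPath $inproc) {
                # The default value of InprocServer32 is the DLL path.
                $dll = (Get-Item -LiteralPath $inproc).GetValue('')
                if ($dll) { $dll = $dll.Trim('"') }
            }

            # A BHO whose DLL is missing or unsigned deserves a closer look.
            $status = if ($dll -and (Test-Path -LiteralPath $dll)) {
                (Get-AuthenticodeSignature -LiteralPath $dll).Status
            } else { 'FileMissing' }

            [pscustomobject]@{
                View      = $view.Name
                Clsid     = $clsid
                Dll       = $dll
                Signature = $status
            }
        }
    }
}

Get-BhoInventory | Sort-Object Signature, Dll | Format-Table -AutoSize
```

Run it before and after removing a suspicious entry: a CLSID that reappears within seconds indicates a watchdog like the ten-second poller described above, which has to be stopped before the registration will stay removed.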


The truly fascinating bit of the interview is how Knox defies your initial suspicion that he’s a complete scumbag; he started off writing spam filtering software, was hired by Direct Revenue to do traffic analysis, started writing tiny bits of code to improve the adware, and eventually wound up knee-deep in the code. Knox notes that you can get ordinary people to do incredibly distasteful things if you break those things into small enough chunks and introduce them gradually.
