Philosecurity has an interview with Matt Knox, a former coder for Direct Revenue, an adware company which was sued in 2006 by New York governor Eliot Spitzer. The interview contains some interesting details of how the adware code worked internally: it created a Browser Helper Object (BHO), then kept that BHO alive with a poller that checked every ten seconds and regenerated it if it had stopped running. The poller ingeniously masked itself partly by exploiting Windows’ CreateRemoteThread function to run itself as a series of threads instead of as an executable.
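A defender's view of the respawn behaviour described above, as an added example that is not from the original post or the interview: it scans simplified Sysmon-style events (ID 12 registry key create/delete, ID 8 CreateRemoteThread) for a BHO registry key that reappears shortly after removal. It assumes the regeneration shows up as the key being recreated; the event tuples, CLSIDs, file paths and the 15-second window are constructed for illustration.

```python
from datetime import datetime, timedelta

# Registry location where Internet Explorer BHOs are registered.
BHO_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
WINDOW = timedelta(seconds=15)  # assumption: a little above the ten-second poll

# Constructed sample events: (time, Sysmon event id, event type, image, target).
EVENTS = [
    ("2024-01-01 09:59:50", 8, "CreateRemoteThread",
     r"C:\Temp\loader.exe", r"C:\Windows\explorer.exe"),
    ("2024-01-01 10:00:00", 12, "DeleteKey",
     r"C:\Tools\cleaner.exe", BHO_KEY + r"\{00000000-0000-0000-0000-00000000000A}"),
    ("2024-01-01 10:00:08", 12, "CreateKey",
     r"C:\Windows\explorer.exe", BHO_KEY + r"\{00000000-0000-0000-0000-00000000000A}"),
    # Benign pattern: removed by hand, reinstalled two hours later.
    ("2024-01-01 10:05:00", 12, "DeleteKey",
     r"C:\Windows\regedit.exe", BHO_KEY + r"\{00000000-0000-0000-0000-00000000000B}"),
    ("2024-01-01 12:05:00", 12, "CreateKey",
     r"C:\Program Files\Toolbar\setup.exe", BHO_KEY + r"\{00000000-0000-0000-0000-00000000000B}"),
]

def find_resurrected_bhos(events, window=WINDOW):
    """Return BHO keys recreated within `window` of being deleted."""
    deleted = {}      # key path -> time of its most recent deletion
    injected = set()  # images that have received a remote thread so far
    findings = []
    prefix = BHO_KEY.upper() + "\\"
    for ts, event_id, kind, image, target in sorted(events):
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        if event_id == 8:
            injected.add(target.lower())
        elif event_id == 12 and target.upper().startswith(prefix):
            if kind == "DeleteKey":
                deleted[target] = when
            elif kind == "CreateKey" and target in deleted:
                gap = when - deleted.pop(target)
                if gap <= window:
                    findings.append({
                        "key": target,
                        "seconds": gap.total_seconds(),
                        "writer": image,
                        # The writer hosting a foreign thread matches the
                        # "threads instead of an executable" disguise.
                        "writer_was_injected": image.lower() in injected,
                    })
    return findings

if __name__ == "__main__":
    for finding in find_resurrected_bhos(EVENTS):
        print(finding)
```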
The truly fascinating bit of the interview is how Knox defies your initial suspicion that he’s a complete scumbag; he started off writing spam filtering software, was hired by Direct Revenue to do traffic analysis, started writing tiny bits of code to improve the adware, and eventually wound up knee-deep in the code. Knox notes that you can get ordinary people to do incredibly distasteful things if you break those things into small enough chunks and introduce them gradually.