Spyware scumbags make $2bn a year

The Register ^ | 4 MAY 2005 | John Leyden

[rdb3]

Biting the hand that feeds IT

The Register » Security » Spyware »

Original URL: http://www.theregister.co.uk/2005/05/04/spyware_report/

Spyware scumbags make $2bn a year

By John Leyden (john.leyden at theregister.co.uk)

Published Wednesday 4th May 2005 11:46 GMT

Spyware ­ invasive programs that generate pop-ups, hijack home pages, redirect searches and poison DNS files ­ generates an estimated $2bn in revenue a year¹, according to a study by anti-spyware firm Webroot. It estimates the surreptitious spyware and adware market "may be approaching 25 per cent" of the already-established market of online advertising.

As we've noted (http://www.theregister.co.uk/2005/02/02/adware_market_estimate/) before, it's hard to square Webroot's $2n estimate with the observable size of adware market. Webroot's This calculation assumes a uniform distribution of spyware, among other statistical sins. Estimates on the damage caused by computer viruses are a notoriously inexact science. The same seems to apply to looking at the adware market.

SpyAudit

In the first quarter of 2005, 88 per cent of scans using Webroot's SpyAudit software found some form of unwanted program (Trojan, system monitor, cookie or adware) on consumer computers. The vast majority of corporate PCs (87 per cent) also harboured undesirable programs or cookies. Excluding cookies, more than 55 per cent of corporate PCs contained unwanted programs. Infested consumer PCs contained an average of 7.2 non-cookie infections.

Cookies annoy some people but they are nowhere near as serious a problem as key=logging or Trojan horse programs. System monitor (key logger programs) were found in seven per cent of consumer and enterprise PCs scanned using Webroot's software, down from 19 per cent in Q4 2004. Trojan horse programs were found on 19 per cent of consumer PCs and seven per cent of enterprise PCs, unchanged from Q4 2004.

Consumer sites 'riddled' with spyware

Webroot's data comes from analysis of stats from Webroot's consumer and corporate SpyAudit tools and from online research culled by Phileas, Webroot's automated spyware research system. Contrary to the perceived wisdom that spyware comes only from a limited number of dodgy online porn and warez sites, Phileas identified 4,294 sites (with almost 90,000 pages) containing some form of spyware.

Webroot's State of Spyware report names and shames the top ten most significant emerging spyware and adware threats based on detection, as well as potential impact. CoolWebSearch, an infamous piece of adware with over 100 different variants, was dubbed the top threat. GAIN and 180search Assistant were the next two most prevalent nuisances. ®

¹ Webroot's figure for the value of the spyware market comes from multiplying the average number of pieces of adware per machines (4.38 - according to Webroot) times the number of active users on the net (290m - according to Nielsen Netratings) times the value of each adware installation per year ($2.25 - a figure derived Claria's filing that it made $90m a year from 40m "users").

Related links

Webroot's State of Spyware report (registration required (http://www.webroot.com/stateofspyware))

Related stories

Adware-infected PCs net slimeware firms $3 a pop (http://www.theregister.co.uk/2005/02/02/adware_market_estimate/)
Anti-spyware group collapses (http://www.theregister.co.uk/2005/04/13/coast_collapse/)
Drive-by Trojans exploit browser flaws (http://www.theregister.co.uk/2005/03/23/symantec_threat_report/)

[rdb3]

Two billion dollars. No wonder why they code spyware to be so vicious.

[Izzy Dunne]

So why do people put up with it?

[Montfort]

Good question, but an even better question is:

What kind of idiot buys a product from (and gives his credit card number to) a merchant whose advertisement hijacked his computer?

or

gets a mortgage from a mortage banker whose ad hijacked his computer?

[rdb3]

I'd guess people put up with it because they don't know how to defend against it.

I've repaired so many friend's Windows installations that were infested with spyware/malware it isn't funny. Can't get them to simply use anti-spyware programs and/or use Windows Update. I believe that the spyware writers know this, and exploit it with impunity.

What are ya gonna do?

[Smedley]

I borrowed my wife's portable during one trip tot he in-laws, and noticed it ran slower that what I thought it should. My wife does a fair amount of shopping on-line, so I figured there might be scumware.

I downloaded Ad-Aware, ran it and found over 50 different pieces of scumware (plus hundreds of cookies), Getting rid of one rather stubborn collection of symbiotic EXEs and DLLs that was like trying to exorcize Michael Moore from an all-you-can-eat buffet. Later, the computer ran 2-3 times faster while browsing.

I say that 20 year prison sentences should be manditory for every one of these scumbags.

[dfwgator]

The answer is to boycott the products of any company that uses the results obtained via the spyware.

[AppyPappy]

$2B to write viruses. Who woulda thought?

[js1138]

Like it or not, Microsoft is adding anti-spyware and anti-virus to windows -- having already added a firewall.

Most of this crap is installed with the user's permission.

The problem is that most people are used to going to legitimate commercial websites that require a plugin to display correctly. This kind of site trains people to say Yes when asked for permission to install anything.

When I go to a site I look for text only or non-Flash versions of the site.

[Protect the Bill of Rights]

It's time to give mine the once over....what is the best program in your opinion?

[rdb3]

It's time to give mine the once over....what is the best program in your opinion?

I like GIANT AntiSpyware. Microsoft bought them out recently. But it seeks and repairs spyware, and provides real time protection against it.

[JasonC]

I don't "put up with it". I have all the standard free software shields. (The pay ones are a scam themselves - the people peddling them probably write half this stuff just to make themselves a market). But what I want is not for people who respond to spam and such to stop. I want everyone who so much as touches the entire process boiled in oil, yesterday. Deportation and confiscation of all assets will suffice for people who merely click on an ad. Company that use them should have their executives shot. The oil, followed by public eating of their children, for those who actually write the stuff. I'm beyond fed up, I want blood.

[finnman69]

lavasoft's Adaware is a good scanner, geta good firewall like Zonealarm, and a pop up stopper like Panicware.

All free or you can pay more for more features.

[Deaf Smith]

"What are ya gonna do?"

Why is spyware/malware not considered hacking?

[glorgau]

So why do people put up with it?

They have no choice as long as they use Windows. Windows will always have hooks in it to be hijacked through a back door.

[Protect the Bill of Rights]

Did a search and found ..."Microsoft, however, will no longer sell new licenses, subscriptions, or subscription renewals for GIANT Company Software products, including GIANT AntiSpyware...."

Guess I'll give Microsoft's Beta program a try.

[JasonC]

Horsefeathers. Permission has nothing to do with it. Firewalls, standard anti virus, spybot, ad aware, MS stuff, pop up blockers, hijack this, regular scans from all of it, it still catches unauthorized hacks of the registry all the bleeding time. It is not a user problem, stop blaming them. First, those doing it need to be shot. Second, the programmers who create the hooks they use, thinking it an important legitimate feature to turn over the user's browser to every website, need to rip out the controls they are abusing. The pop up, for instance, needs to be killed for good at the source for all concerned- it is not remotely worth any of this. The hack tower of registry edits needs to be toppled. Active scripting on sites is the wrong way to do anything. The browser belongs to the user, not the web developer. Get your freeking hands off of it, and rip out the controls these clowns grab, root and branch.

[rdb3]

But what I want is not for people who respond to spam and such to stop. I want everyone who so much as touches the entire process boiled in oil, yesterday. Deportation and confiscation of all assets will suffice for people who merely click on an ad. Company that use them should have their executives shot. The oil, followed by public eating of their children, for those who actually write the stuff. I'm beyond fed up, I want blood.

I'd say that you sound perturbed, but that would be a gross understatement!

[JasonC]

Horsefeathers, they can take it away tomorrow. They have to write special code to allow this to be done. There is no reason whatever to allow every remote machine to hack the user's registry. They do it on purpose because they want to give website developers all possible tools to control the user's "web experience", because they are trying to recreate the passiveness of TV. They don't have to, they can stop tomorrow.

[Grendel9]

A month ago, I bought and installed STOPzilla.
NOTHING gets through any more. Well worth the comparatively small price. Plus, I ordered the
disc so I can add it to all my other machines
and have a backup...just in case.
I"m in control again!

[JasonC]

The WWW is the greatest boon to thinking man since the library of Alexandria. These vandals are illiterate barbarians crapping all over the floor and tossing smouldering torches around in the stacks. Pols and responsible programmers need to be much, much more serious about smashing them to atoms, or they will wreck it all.