(The following articles
have been archived for both instructional and reference purposes. To read the full
articles please follow the links to the source located at the bottom.)
Wired News: What They Know Could Hurt You
By Michelle Delio
02:00 AM Jan. 03, 2002 PT
Users of popular file-sharing applications may unknowingly be
sharing more than just their collections of audio files.
A Trojan horse program masquerading as an advertising application
was included with recent versions of programs BearShare, LimeWire, Kazaa and
Grokster. The Trojan, dubbed "W32.Dlder.Trojan" by antiviral companies,
is contained within an application called "ClickTillUWin" which promises
users a chance to win prizes.
According to antiviral firm F-Secure, Dlder
tracks URLs that users visit and posts them to a website. F-Secure reported
that the Trojan also opens a security hole on infected systems by downloading
and activating executable files.
"We were told that this installer just created the icons
and shortcuts for the ClickTillUWin promotion," Greg Bildson, chief technical
officer at Limewire, said in an e-mail.
"We rely on Cydoor to deal with our ad deals and bundled
software. We assumed that they did their homework on this package but that does
not seem to be the case," said Bildson.
Bob Regular, vice-president of marketing at Cydoor, an advertising
company, said he would investigate the ClickTillUWin bundle.
Regular said that Cydoor's policy is to fully inform users of
the functions of any bundled software in the licensing agreements included with
installation programs.
The Trojan file Dlder is installed when users set up the file-sharing
applications. After installation, the Trojan downloads a file named "Explorer.exe"
from a website, 2001-007.com, and installs the program into a user's system
folder.
Read
the full article at Wired News..
