Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
America Online Privacy Your Rights Online

Buddylinks Stinks 63

Posted by timothy from the hey-scummy dept.
Omie TheNull writes "After recieving several messages over AIM with the content: "check this out... http://www.wgutv.com/osama_capture.php?HlvU", I went to the page and discovered that it is sponsored by a site called "BuddyLinks." Their website is at http://www.buddylinks.net and they claim that they are NOT a virus. However, when you visit their links and install their "player" it seems that you are also installing software that takes control of your AIM buddy list and sends advertisments to those on your buddy list. The advertisements are obviously designed to look like innocent messages from your buddies asking you to check out certain links. Very scummy, indeed."
This discussion has been archived. No new comments can be posted.

Buddylinks Stinks More

Buddylinks Stinks

Comments Filter:
  • Got a little click-happy with the submit button...

    You also agree to: (from the same URL as the parent post)
    Updates to Software. The Software includes an automatic update feature to ensure that you have the most recently released version. You acknowledge and agree that PSD Tools or third parties designated by PSD Tools may from time to time provide automatic programming fixes, updates and upgrades to the Software (collectively, the "Updates"). Updates may include installation of third party applications, through automatic electronic dissemination and other means. You consent to such Updates and agree that the terms and conditions of this Agreement will apply to all such Updates. If you should elect not to have your software updated at any future time, PSD Tools shall not be responsible for any incompatibilities that may arise on your system and Computer.

    Oh, and I forgot to mention that the uninstaller is available at http://www.buddylinks.net/uninstaller.exe [buddylinks.net].

    Good day!
    Mike

  • Re:AIM is ASS (Score:2, Informative)

    by OutRigged ( 573843 ) <rage@o u t r i g g e d . com> on Wednesday February 11, 2004 @02:12PM (#8250850) Homepage
    Um yeah.. Trillian is also closed-source, and quite bloated.

    Give me Miranda-IM [miranda-im.org] any day....

  • Re:Funny, I was messing with that last night... (Score:3, Informative)

    by cyberepgnuin ( 162562 ) on Wednesday February 11, 2004 @02:18PM (#8250940)
    Spybot doesn't pick this up... yet.

  • It's NOT a virus. (Score:2, Informative)

    by Matchstick ( 94940 ) on Wednesday February 11, 2004 @03:22PM (#8251708)
    It's a trojan!

  • Got it without clicking through (Score:2, Informative)

    by gc8005 ( 733938 ) on Wednesday February 11, 2004 @04:04PM (#8252208)
    I got the message from a friend last night thru AIM on my laptop at work. I never got any sort of IE message about installing software - nothing, nil, notta. Looked like a dead link. Now, today, on a totally separate computer, I'm sending AIM messages to everyone in my list. I have NO IDEA how (1) it was installed on my laptop without the pop-up message / approval and (2) how it made it to my home machine (thru AIM?). Also note, contrary to other posts, that this is not removed by using control panel add/remove - it leaves shit all over the machine.

  • Re:I've heard (Score:3, Informative)

    by 0x0d0a ( 568518 ) on Thursday February 12, 2004 @09:32AM (#8257182) Journal
    Unlikely. The whois information for wgutv.com refers to a register.com administrator...unless this was intended to be a joke and just went over my head. :-(

  • Buddylinks == clickspring (Score:4, Informative)

    by 0x0d0a ( 568518 ) on Thursday February 12, 2004 @09:57AM (#8257371) Journal
    Let's take a brief look at these folks:

    $ host buddylinks.net
    buddylinks.net has address 63.251.131.235
    $ whois 63.251.131.235
    [Querying whois.arin.net]
    [whois.arin.net]
    Internap Network Services NETBLK-PNAP-11-99 (NET-63-251-0-0-1)
    63.251.0.0 - 63.251.255.255
    ClickSpring LLC INAP-BSN-CLICKSPRING-0041 (NET-63-251-131-232-1)
    63.251.131.232 - 63.251.131.239

    # ARIN WHOIS database, last updated 2004-02-11 19:15
    # Enter ? for additional hints on searching ARIN's WHOIS database.

    Googling for clickspring llc turns up a number of hits. Apparently, ClickSpring has been in the business of writing advertising worms and trojans commercially for some time now. They are responsible for PurityScan as well as some other nasties out there.

    Normally I wouldn't care -- another Windows virus -- but now I'm getting masses of useless messages from infected friends.

    Obviously, nobody has bothered to charge ClickSpring with computer crime charges, which is quite frusterating.

Slashdot Top Deals

What is research but a blind date with knowledge? -- Will Harvey

Close