In Depth: Spyware And The Industry

It’s speculated that nearly 50% of all computers that use the internet are infected with some sort of spyware. While the number would seem ridiculously inflated, it’s actually very easy to see the truth in it. Spyware is a general term used to describe any code, whether scripts, programs or cookies, which are installed onto a computer and used to send to data back to a central collection server. More than just data collection, spyware has more recently begun to be used to describe malicious code that essentially forces install onto your system. Some of the most common uses in the adult industry are toolbar installs.

Programs such as xxxtoolbar have an install script that doesn’t ask the user if they want to install their bar when using IE and deceptively makes it seem like a plug-in permission is needed when a page with their code is loaded with Mozilla. It used to be the most common way to distribute spyware was with ActiveX, but as the surfers became more aware of the risks, other measures were taken by programmers to ensure their programs would see more distribution. While some spyware will try to install with non-IE based browsers, it usually fails. But at the same time, it causes the browser to slow to a crawl making the user feel both internet lag and computer lag, and as we know, the first thing that the surfer does to remedy the problem is, closing the browser.

This is the first problem posed. Let’s say you ran a popular TGP / MGP and cheaters began to replace code in the accepted galleries to force spyware installations. Your visitor clicks the gallery and when he is either successfully infected or is lagged out; they will associate the problem to be something on your site 9 out 10 times. Let’s say you delete the gallery and blacklist the host when you find out, your site may have left thousands of visitors weary to go back.

Now as it becomes a recurring problem, your userbase will dwindle as surfers will try to find a site that won’t leave them vulnerable to spyware. Now remember, the average surfer will blame your site, because they often times don’t understand that you do not host all the galleries and often aren’t aware that on our side of the fence, we have cheaters that are using us to spread their garbage. But as site owners, you can basically count these lost surfers as lost sales.

The second type of exploit used is the .hta, or HTML Application exploits. While it only targets IE users, who only account for 75% of browsers on average, it allows sites to execute limitless codes when you load a page. The code can be used to for example, set the start page values for any browser, change your windows search settings, load proxy programs, infect your LSASS files and so on. Since the page is actually executing system commands, it’s the method of choice to really load target computers with spyware. Once target pc’s are infected, they normally cannot perform proper web searches, their traffic is redirected to sites such as link directories that pay affiliates when unique users use their page or load your favorites up with their bookmarks and much more.

It’s clear that collectively, responsible webmasters in the adult industry should move behind one of these anti-spyware initiatives and inform visitors of the risks and the precautions that should be taken to keep them safe from infection. If we don’t seemingly it won’t be long before 70% of users are infected with some sort of tracking cookie or toolbar and that will only hurt the industry. Trusted sites with informative pages and active measures used to prevent the spread of spyware will gain more popularity as it’s becoming clear that these malicious programmers aren’t going to stop anytime soon as they’re making money spreading toolbars, bookmarks, start pages and the likes.

Preventative Measures for Site Owners:

- Monitor your galleries closely and test them in IE, looking for redirect codes and any type of inline frames that would be unnecessary for galleries and like submitted sites
- Hard-link and trade with sites you know you can trust, as its common for other sites to be associated as unsafe when linking to infectious pages

Preventative Measures for Surfers:

- Use either a Mozilla based browser or Opera as your Browser of choice
- Look into precompiled HOSTS files, such as Supertrick, that will block many of the known spyware programs and malicious advertisers at the source before they are loaded in your browser
- Download a program like Ad-Aware or SpyBot Search and Destroy to protect yourself
- Any time you’re prompted to install anything you don’t recognize, decline, research what it is, as it’s most likely spyware.

Be sure to visit CockBoard for more great articles like this written by industry experts.