
The "Wizzards" of Adware - based2
http://blog.talosintel.com/2016/04/the-wizzards-of-adware.html
======
ae_keji
This is fascinating, malware is being distributed in broad daylight by
companies registered and operating in developed countries. Attacks from single
users in, or pretending to be in, Eastern Europe or some other area with
weaker unauthorized access laws seem to be getting less popular, as hackers
are realizing technology and methods of unauthorized access are developing a
lot faster than laws can keep up with them.

------
petetnt
The statement provided by the company in question is kinda hilarious,
basically "Our software totally behaves like malware but don't you dare to say
it or you'll be hearing from our team of rabid lawyers!"

------
kefka
I'm not sure how to take this.

On the simple review, this seems like garbageware and a nice exploit. But the
name PUP gives it away; potentially unwanted programs. We can't say for sure
that the user didn't want them.

Now, if the program resists removal at the behest of the user, then yes, it's
malware. But I've done computer work back in the day with Bonzi Buddy, and
there real users who wanted that pile-o-crap on their computer.It was very
much wanted, and went out of their way to get.

~~~
matt_morgan
But the software does lots of things the users didn't ask for, wouldn't
expect, and aren't told about. That's over a line.

------
YeGoblynQueenne
>> Contrary to Talos’ wrongful allegations, our business has been approved by
French regulators and we have never been indicted or sued for any malware
distribution!!!!

Oh dear. Four exclamation marks? Someone's about to start wearing their
underpants on their head, methinks. [1]

_________

[1]
[http://wiki.lspace.org/mediawiki/Multiple_exclamation_marks](http://wiki.lspace.org/mediawiki/Multiple_exclamation_marks)

------
based2
[http://blog.talosintel.com/2016/04/the-wizzards-of-
adware.ht...](http://blog.talosintel.com/2016/04/the-wizzards-of-adware.html)

"“With a network display 11.7 million PCs installed worldwide, Tuto4pc.COM
GROUP achieved a turnover of € 12 million during the year 2014.”"

------
siculars
The doublespeak is real.

------
dang
Url changed from [http://www.securityweek.com/cisco-finds-backdoor-
installed-1...](http://www.securityweek.com/cisco-finds-backdoor-
installed-12-million-
pcs?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:%20Securityweek%20%28SecurityWeek%20RSS%20Feed%29),
which points to this.

~~~
duskwuff
Caveat: The original article doesn't include the response by Tuto4PC.

