Spammers slipping ads through Windows

Published: 18 Oct 2002 07:42 BST

Spammers have co-opted an administration feature in Microsoft's Windows operating systems and are using it to bring up intrusive advertisements on Internet-connected computers.

The feature, known as the messenger service, typically lets a network administrator send warnings to users when, for example, a server is scheduled to go down for maintenance. Now some advertisers are using it to send bulk messages to anyone connected to the Internet with an accessible address.

"Spammers are blindly sending their advertisements by randomly picking a series of Internet addresses," said Charmaine Gravning, product manager for Windows at Microsoft. "On computers without a firewall, a little messenger window pops up."

The messenger feature, not to be confused with Microsoft's instant messaging applications, can use many different protocols to send a single message, according to Microsoft. The intrusive messages appear only on computers that run Windows 95, 98, NT, 2000 or XP and are directly connected to the Internet via a valid address; Windows systems behind a firewall, or attached to a router that links multiple computers to a single Internet address, will be unaffected.

"The feature can be used to notify a user when a printer job fails," said Lawrence Baldwin, president of myNetWatchman.com, a company that monitors incidents on the Internet through a network of sensors set up by volunteers. "It was never the intention to let someone halfway across the world send messages that pop up on your screen."

Free utilities that enable people to exchange messages with each other using the messenger service have been available on the Internet for a while, but one enterprising company has recently started selling such software.

DirectAdvertiser.com, a US-based firm registered in Romania, has created an application that lets users send advertisements via the messenger channel to anyone whose computer is set up to receive messenger-service notes. The program costs $700 (about £448) and has, in two months, already sold more than 200 copies, company founder Zoltan Kovacs said in an interview.

"You always get some people who don't like the product," Kovacs said, referring to the moderate amount of critical mail he has received. "But many more are interested in the product."

Kovacs stressed in the interview and on his Web site that the application is not for sending spam. However, a testimonial on the Web site says, "If you've been a bulk emailer like myself, you owe it to yourself to try DirectAdvertiser."

In fact, DirectAdvertiser may be the reason more security experts have become aware of the abuse of the Windows messenger service. Students at James Madison University, for example, reported that the technique has been used to cause an ad selling university diplomas to pop up on their computer screens, according to Wired News, which first reported the abuses. Based on interviews with users of the software, myNetWatchman.com's Baldwin estimates that spammers can send more than 100,000 messages in an hour.

"This is just going to be a whole other delivery vehicle for spam," Baldwin said, adding that the fact the service is turned on by default is another indication that Windows security has a way to go. "But welcome to Microsoft," he said.

Since a January memo sent by Microsoft chairman Bill Gates turned the company's focus to security, the software giant has been turning off unneeded services that could compromise security. While Microsoft's Gravning stressed that the firewall that ships with Windows XP disables the messenger service by default, she admitted that turning the messenger on in default installations is mainly a matter of convenience.

"Is this something that we should look at?" Gravning said. "I think that is a good question, and (I) will find out if there is a reason that we have it turned on."

