|
Woe unto the Web surfer who visits www.easycracks.net.
The site, popular with curious teenagers, offers free code used to unlock
bootleg copies of everything from Windows XP to video games. But click a link to
download a pirated program, approve one pop-up window, and secretive programs
install themselves on your PC. Then this 'adware' generates endless pop-up
ads from well-known companies.
It's one example of how some questionable characters are hijacking the
placement of online ads as big companies pour billions into Web marketing. On
April 4, New York Attorney General Eliot Spitzer filed fraud charges against
Internet marketing firm Direct Revenue LLC for allegedly sneaking adware onto
millions of PCs. Direct Revenue calls the lawsuit baseless.
The gravy train starts with big advertisers. The companies they hire, such as
Yahoo! and Google, tally the clicks the ads generate and charge accordingly. But
to juice the returns, those outfits sign up partners who distribute the ads in
return for a fee, and those partners sign up other partners. With each layer
vying for more locations to showcase lucrative ads, there's an incentive for
someone along the line to deliver them via surreptitiously installed programs.
Says Ed English, CTO for antispyware products at security firm Trend Micro:
“We're seeing new trick after new trick.”
 An analysis by computer security firm Sana Security of San Mateo, California,
shows how such a scheme works. At easycracks.net, users who want to download
codes to obtain unauthorized copies of Microsoft Office 2000 are asked to
install a type of software, known as ActiveX controls, offered by Dutch firm ECS.
But approving the installation causes at least 16 other pieces of adware to
download. None ask for permission to install themselves on PCs, according to
Sana. They quickly deliver as many as five pop-up ads per minute.
That setup could generate substantial income. Mike Friedman, business
development manager for ECS, says it pays easycracks up to 30 cents per
installation of the adware programs on US-based PCs. So for each PC loaded with
16 programs, easycracks could earn up to $4.8. ECS is changing the agreement, he
says, and as a result of BusinessWeek's inquiry it is investigating easycracks.
Easycracks, whose website says it is based in Armenia, did not respond to
e-mailed requests for comment.
Big advertisers say it's difficult to track their ads. “They put your
name all over some pop-up ad,” says eBay spokesman Hani Durzy. “As we become
aware of them, we take action to get them to stop.” But analysts say companies
are only beginning to actively police ad networks. Harvard researcher Benjamin G
Edelman says a Vonage ad traveled through as many as eight subdistributors
before appearing on the PCs of users who visited easycracks.net. Vonage
spokeswoman Brooke Schulz says the company immediately notified its online ad
agency, a unit of ad conglomerate Arnold Worldwide Partners, after it was
contacted by BusinessWeek.
In a separate study, Edelman shows how ads purchased for placement on Yahoo
and partner sites by companies such as Cablevision Systems were also
redistributed until they showed up as pop-ups. According to Edelman, Yahoo
became blind to the trail of its own ads. One partner, Ditto.com, presented a
Yahoo ad through another site, NBCSearch. That company passed it along to one of
its own partners. (NBCsearch and Ditto.com did not respond to requests for
comment.) Sometimes, the ads showed up in pop-ups from spyware programs. In a
prepared statement, Yahoo says it “takes the quality of its search ad
distribution network very seriously. We are carefully investigating the claims
that have been raised.”
By Brian Grow and
Burt Helm, with Ben Elgin
in San Mateo, Calif. Page(s) 1
| 
Print
Comment
Email
Digg
Del.icio.us
Reddit
Twitter
