A Revolution is the Solution
WTG Chris !
Considering the amount of this junk on peoples PC's,I'm wondering if Mr E Spitzer and his team from NY might take aim.Time to drop the man a line 
Now knowing that that DR are reading this blog.Your day of reckoning is coming scumbags!
Rofl, nice one PG.. once again DR has been shown as the lying (and IMHO, criminal) f^&kwits they are.
It will be interesting to say the least, to see Mr Doman's reply to this.
... and Mr Domain, as you obviously read this wonderful blog, you may be interested to know it's a well known fact that if your going to try and get yourself or your company out of the doo doo, your supposed to atleast use that wonderful thing called honesty....
Well that vid brings new meaning to cyber-porno. A virgin PC royally "fux0red" on home video!
What amazes me is that DR actually responded, unlike MMG. What this seems to mean is that DR might still think they have a fighting chance...
PG you rock! I'm sooo glad we are on the same side.
great job mate! keep these sleaze balls out of BT and out of the lives of the poor souls who d/l this crap.
Clueless users need to be told to keep clear of SFX with media files. It's just that simple.
eWeek however overblew the whole issue by claiming that this is a new emerging threat to BitTorrent. It isn't. BT is better protected against this than most other content delivery systems, at least compared to your everyday P2P, because the links are distributed by trusted sources.
Check the "Homepage" link for more discussion.
Sure, finding an SFX with possible malware inside what is supposed to be a media file package, is a nasty surprise, but I don't see what's the big deal. There is no installation without positive user action (to ignore common sense).
to Quote Bender
full disclosure my Shiny metal ass
where exactly do they disclose
that it will totally screw up your system
Keep going m8 these rats need dealing with
Hrmmm.... seems that http://www.marketingmetrixgroup.com/ got hax0r3d or something(3:21PM EST right now)...guess the eweek article got them a bit more exposure than they'd prefer.
hi Red - I've made it clear to all journos that though the phenomenon of rogue files on BT is NOT new, a concentrated campaign with (theoretically) one of the most hardcore installs out there (Aurora / Ceres) IS. Its been rattling round Edonkey for a while, but I've been getting reports of these MMG installers for a while now...thought I'd go check 'em out. And as for users - the sad reality is that people click yes to things. Unfortunate, but when informed consent is given to the end-user, then the correct choice will hopefully be made. Until then, its just the same old, same old.
curtisk - really? Did the site go down or were they defaced or something? I just tried and I can see them. Interesting..
defaced..
Fatal Error BR Crew 2005 - irc.gigachat.net #Ferror takes credit...I just pulled it up again..weird...
Is there any way you can email me a copy of that?
will do..you should see it in a few minutes...
And MMG thought they were uber coders... maby someone should make a harmless Aurora / Ceres uninstaller virus and distribute that on bittorrent. kinda like a retrovirus in the biological world.
-Nikropht
The defaced web site can be seen by clicking the Homepage link in this post (as long as it will remain hosted).
Btw, Paperghost, what makes Aurora/Ceres and SFX installers "hardcore"? Personally I would maybe categorize something like an automatical IFRAME exploit installing things without any intervention in IE "hardcore", but not something that needs the user to click an .EXE inside yet another packed file, when expecting to see .AVI.
Call me elitist all you want but I'm kind of inclined to think that a user inept enough to click "yes" there deserves whatever she gets. That's one way to learn.
...its hardcore because when it gets on board, its a nightmare to remove correctly, even if the victim is being helped by someone who knows what theyre doing on a security forum.
While "they got what they deserved" is one point of view, i choose the one that says informed consent is all important where cases like this are concerned. DR use their Aurora / Ceres licence for their other installs - why the generic one for this package? maybe because they know nobody will install if they see the word "aurora"?
And sadly - people click yes to things. Theres absolutely nothing you can do to stop it, but theres no point someone realising the dangers of an adware install AFTER their PC has been hosed. I'd rather be proactive and warn them off hitting the yes / .exe / click here to win!!! button in the first place
OMG. They were hacked. Ethical question: is it appropriate to laugh? 
Paperghost, I'm all for "informed consent", and I mean much higher level of information than what is provided by just showing a few links to some obscure licenses. So what they do is definitely wrong, I'm not refuting that.
I also welcome all efforts to educate people and bring attention to the adware/spyware issue. What I don't condone however, is scaremongering and failing to accurately portray the impact of the problem. When the unwanted code is easily rejectable by the user and there are also effective safeguards against poisoned files to begin with (community moderated BT sites in the filetrading world), then the problem just isn't that serious.
You must keep in mind the traditional media inclination to cast filetrading as immoral and economically harmful activity, with strong support for content industry propaganda of vilifying the hobby with forged economical studies and claims of high levels of harmful content in the P2P networks and communities (for example the 50% malware content claim in connection with Kazaa, using forged search results and not actual downloads).
Claiming that P2P users are in high risk of getting malware is easily seen as supporting unfair marketing for the companies which hate P2P, because in a risk comparison any web usage with IE or other really high risk software opens up vulnerabilities which allow automatic infection with malware, without any need even to click "yes" against common sense.
I'm not accusing you of this, I'm just pointing out that when discussing drawbacks of P2P with the news media, it's prudent to make sure they get the scale of things correct, or at least are willing to present the other side of the story, in addition to directly quoting **AA press releases.
to be fair, i havent seen any news-sites bashing P2P or Bittorrent. And a number of BT admins have been more than happy to help out - since i started covering these installs i've had a stack of requests for more info on these things.
I love P2P. I write a lot about privacy issues in china, and i have been involved in Peekabooty networks and a whole bunch of other things too. I know you already said as much, but i DO want to state this for the record:
1) i have no problem with P2P or BT. im simply mortified that a certain type of install has wangled its way into BT land.
2) i dont think my piece cries out that BT land is heaving with adware installs. im simply saying that a good portion of it is specifically pushing Aurora / Ceres, which i dont think is a good thing. Ive actually aid in interviews with all journos thus far that whilst this is NOT a long term problem for BT (as all marketing campaigns end eventually), its illustrating a path that many other corporate adware companies will eventually go down.
You people should realize that the site has shut down because of presure from direct revenue and 180 search assistant, The company will be up and running again at some point
Is there any place I could grab a copy of MMG's P2P software? I'd like to take a look at it myself.
Drop me an email if you're aware of any places to look.
Kent
Commenting by HaloScan
