Page 4 of 5   <       >

Invasion of the Computer Snatchers

But 0x80 and one of his friends -- who goes by the screen name Majy -- say they've easily disguised their installation methods. Their biggest complaint about the whole enterprise: being routinely shortchanged by the adware distribution companies, which often "shave," or undercount, the number of programs installed by their affiliates.

"It sucks, too, because the companies will shaft you, and there isn't a lot you can do about it," says Majy, 19, who claims to have had as many as 30,000 computers in his botnet.

There are, in fact, legal ways to induce PC owners to download spyware and adware. Most computer users acquire spyware and adware simply by browsing certain Web sites, or agreeing to install games or software programs that come bundled with spyware and adware. Before its Web site went dark not long ago, bundled its adware and spyware with products most likely to appeal to children and teenagers: simple games, online game insignias or "avatars," and "emoticons," custom-made smiley faces for use in instant-message software. The company also marketed short digital videos that catered to the humor of teenage boys: "Beavis and Butt-Head" cartoons, a short clip called "Boob Boxing" and another titled "Bath Fart."

Computer users may or may not understand what they are consenting to when they click "OK" to the lengthy, legalistic disclosures that accompany these games or videos. But those notices are legal contracts that essentially absolve the adware companies from any liability associated with the use or misuse of their programs.

0x80 and Majy don't leave computer owners any chance to decline the adware. Once they invade a computer and add it to their botnet, they use automated keystroke codes to order the enslaved machine to click "OK" on installation agreements. 0x80 says he even created a program that allows him to remotely wipe computers in his botnet clean of old adware, making room for him to install new adware -- and get paid again.

And getting paid is the whole point. Majy says TopConverting, which did not respond to requests for comment for this article, paid him an average of $2,400 every two weeks for installing its programs. He got 20 cents per install for computers in the United States and five cents per install for PCs in 16 other countries, including France, Germany and the United Kingdom. A nickel per install doesn't sound like much, unless you control a botnet of tens of thousands of computers.

Majy also receives income from Gamma-Cash, which bills itself on its Web site as "an industry leader in online adult affiliate programs." The company pays affiliates to drive traffic to adult Web sites, mainly through pop-up advertisements for porn sites served to users through its XXX toolbar, which hijacks the victim's Web browser and sets its home page to one of several subscription porn sites. Majy says Gamma-Cash, which did not respond to requests for comment, sends him a $400 check each month from a bank in Canada.

0x80 also installs adware for Gamma-Cash. And he works for a company called Loudcash, which was recently purchased by one of the largest and most important players in the adware business: 180solutions.


Half of the glass-and-steel structure that houses 180solutions' sprawling headquarters in Bellevue, Wash., rests underground; the other half juts out at acute angles. The rooftop sports an AstroTurfed volleyball court, a gas grill and a commanding view of the Seattle skyline.

"At some point between dealing with legitimate distributors and these botnet guys," says 180solutions co-founder Dan Todd, "we realized that something had gone terribly wrong."(Brian Krebs -
Some of the company's 200-plus employees zip around the long hallways on Segways or foot-powered scooters. Throughout the building are polka-dotted posters that read, "Who Do You Want to Be?" The signs are meant to challenge employees to continuously reevaluate their roles, but they also reflect the seven-year-old company's effort to prove to the world that it has executed a 180-degree shift away from its past business practices.

180solutions got its start in the adware industry with a product called Epipo, which paid people roughly six cents per hour to view specially targeted advertisements sent to their computers. The product became popular among college students, who quickly figured out ways to automate browsing the Web so that they could get paid for viewing ads while they were away from their computers. According to allegations in a lawsuit filed by the Washington state attorney general's office, 180 responded by changing the payment terms so that it was virtually impossible for people to collect the promised money. The company nearly went bankrupt when it settled the suit in 2002.

By that time, 180 had changed its marketing strategy. Instead of paying people to install its adware, the company lured them with free games, which came bundled with ad-serving software called "n-Case." The software tracked users' surfing and buying habits, and was extremely difficult to remove. Consumer advocates had little difficulty showing that n-Case was being installed without user consent. Faced with increasing criticism for the fraudulent installs, 180 rebranded the software as 180 Search Assistant. The new software's chief distinguishing feature was that it was easier to remove than n-Case.

<             4        >

© 2006 The Washington Post Company