SECURITY WARNING: "We captured Osama" Link

JCross · #21 (**permalink**) 02-12-2004, 06:22 PM

I'm sure everyone here is anxiously waiting for the owners of this new "Osama Captured" AIM embedded code threat to be revealed. My company, as you may know, is also responsible for preparing research for a class action lawsuit against Xupiter. You can read our Wired article here: http://www.wired.com/news/infostruct...,60694,00.html

The IPCC is the first (and to my knowledge, the only) group that has confirmed the identity of the owners of BuddyLinks/PSD Tools (the people who make this new AIM threat).

You can read their profile in our Privacy Offender Database here:
http://www.ipccouncil.com/OffenderPr...nksProfile.htm

I'd also like anyone who claims that their AIM profile gets deleted after an uninstall, or anyone who cannot access buddylinks.net after being infected, to contact me directly at either XupiterGuys929@yahoo.com (preferably) or JCross@IPCCouncil.com Thanks!!

Jay, IPCC

Jeff · #22 (**permalink**) 02-12-2004, 06:33 PM

Good post, Jay.

I'll just add what AOL has put on their site regarding this nasty business, including their official instructions for removing it:

Quote:

quote:Important Information
We have received reports that a number of AIM users have received Instant Messages from someone on their Buddy List asking them to check out the following link: http://www.wgutv.com/osama_capture.php?dII5

IF YOU RECEIVE THIS MESSAGE, DO NOT CLICK ON THE LINK, EVEN IF IT COMES FROM SOMEONE ON YOUR BUDDY LIST.

This link takes users to a web site that asks them to download a game. If the user agrees to download the game, the web site also installs a secret "adware" program on the user's machine that can deliver unwanted advertisments and promotions. The adware program will also send the same link out to every person on the user's Buddy List -- spamming their friends and associates with a link to the same adware.

HERE'S THE FIX:
If you have already clicked on the link and downloaded that software, you can remove the adware program from your machine by clicking on Start --> Control Panels --> Add/Remove Programs and then removing the applications related to:
• BuddyLinks
• PSDT Messaging Integration
• PSD Tools ChannelUp v1.0 (remove only)

Additionally, if you have downloaded this program, you may want to alert friends and associates on your Buddy List how they can remove this software.

The culprits who spread this Osama-hoax-adware should be punished for their deceptive and unethical practices.

JCross · #23 (**permalink**) 02-13-2004, 02:42 AM

I'm getting even more reports that users who are infected are unable to access buddylinks.net. Is it just me, or does it seem suspicious that an honest "AIM Enhancement" software blocks users from accessing the vendor homepage?

J

Jeff · #24 (**permalink**) 02-13-2004, 10:51 AM

According to Wired News, AOL is considering legal action against BuddyLinks.net. While the BuddyLink's "useful" add-on may have a CYA-TOS, the reality is that this sort of program is unethical and taints everyone associated with it... even, in this case, AOL.

And check out the link on page two of that Wired article -- a link to BigBlueBall!

stev02 · #25 (**permalink**) 02-13-2004, 12:44 PM

I have a site also for this...

http://antibuddylinks.mixxstudios.com

JosefBud · #26 (**permalink**) 02-15-2004, 04:35 AM

Restart your computer. When it starts booting up, constantly press F8 until you get to a screen that asks how you want to boot up Windows. Go into safe mode. When windows loads up in safe mode, go to start->programs->accessories->system tools->system restore. Click Next. You'll get a calendar. Pick the day before that you KNOW you got the adware on. You should know what to do from there.

David · #27 (**permalink**) 02-15-2004, 10:04 AM

Quote:

quote:Originally posted by JosefBud

Restart your computer. When it starts booting up, constantly press F8 until you get to a screen that asks how you want to boot up Windows. Go into safe mode. When windows loads up in safe mode, go to start->programs->accessories->system tools->system restore. Click Next. You'll get a calendar. Pick the day before that you KNOW you got the adware on. You should know what to do from there.

Not only does that only work for Windows ME/XP users, but system restore should never be considered a solution to this type of thing.

JosefBud · #28 (**permalink**) 02-15-2004, 07:26 PM

Yeah it shouldn't...it also shouldn't have to be used at all but considering that my computer wouldn't boot until I got rid of it from system restore, sometimes you have to.

irresistible49X · #29 (**permalink**) 02-19-2004, 08:36 PM

which of the methods listed above of removing it work like the downloading things

Similar Topics
Topic	Topic Starter	Forum	Replies	Last Post
AIM clients - How to put the lockdown on security!	WhiteMateria	AIM Support	14	08-02-2008 06:05 PM
Osama Captured?	Qwerty	The BigBlueBall Lounge	13	11-16-2004 03:50 PM
Warning: Security risk when using MSN Messenger 7 BETA	BigBlueBall News	Windows Live Messenger News	0	10-05-2004 01:00 AM
IMSecure Pro by ZoneLabs	BLACK HAT	Online Privacy, Safety & Security	2	08-13-2003 10:13 AM
AOL IM Security Hole: Sign of Things To Come?	BigBlueBall News	AIM News	0	10-05-2001 01:00 AM

THE BASICS About us BigBlueBall Blog Contact us	NEWS & REFERENCE Instant Messaging Social Networks Mobile Tech View all categories	DISCUSSION FORUMS Instant Messaging Social Networks Mobile Tech Computer Support View all forums	COMMUNITY Fan us on Facebook Follow us on Twitter Bookmark us on Delicious Subscribe to our RSS feed BigBlueBall badges	CONTRIBUTE Advertise on BigBlueBall Write for us Report a site bug
	Copyright © 2000-2009 BigBlueBall · All rights reserved · Privacy Powered by vBulletin® Copyright ©2000 - 2009, Jelsoft Enterprises Ltd. · Search Engine Friendly URLs by vBSEO 3.2.0

Currently Active Users Viewing This Topic: 1 (0 members and 1 guests)