All the Perl that's Practical to Extract and Report

friendgreetings.com

Matts on 2002-10-25T09:11:14

There's a new "worm" going around which I find *really* interesting.

I'm having a hard time calling it a virus, even though we're stopping it as a virus for our customers. It's basically an email from a "friend" - with a link in it to get your greetings card from "friendgreetings.com". When you click on the link it tries to download and install either an ActiveX component (IE) or a Java component (Netscape). This component (which is validly signed), when it tries to install itself, prompts you with an EULA that states the following: 

1. Consent to E-Mail Your Contacts.  As part of the installation process, Permissioned Media will access your MicroSoft Outlook(r) Contacts list and send an e-mail to persons on your Contacts list inviting them to download FriendGreetings or related products.  By downloading, installing, accessing or using the FriendGreetings, you authorize Permissioned Media to access your MicroSoft(r) Outlook(r) Contacts list and to send a personalized e-mail message to persons on your Contact list.  IF YOU DO NOT WANT US TO ACCESS YOUR CONTACT LIST AND SEND AN E-MAIL MESSAGE TO PERSONS ON THAT LIST, DO NOT DOWNLOAD, INSTALL, ACCESS OR USE FRIENDGREETINGS.

[and much more snipped]
This is totally legit as far as I can make out. The user installs and runs a program that emails out to everyone in your address book, and not only that it tells you it's going to do it, very clearly.

Of course nobody reads EULA's, so we're seeing thousands of these pass through our systems.

I just find this a really amusing look into the social aspects of computing. We've become so numb to boring 20 page EULA's that we'll just install anything without reading. Fascinating.

[By "we", I mean the general computing populous - not us geeks who wouldn't install this in a million years]

or maybe we would ...

ask on 2002-10-25T12:17:20

By "we", I mean the general computing populous - not us geeks who wouldn't install this in a million years

If you run windows and you think it's just another plugin you need to view something odd, maybe you would.

Of course, now you wouldn't anymore.

And obviously us geeks don't do MS-Windows. :-)

  - ask

Hello World

revner on 2002-10-31T03:49:14

A user of mine installed the friendgreetings app. This caused his Office shortcuts to not work. I connected to friendgreetings.com and a site came up only saying Hello World

It is code that harmed a computer I am responsible for - To me this is a virus that needs to be stopped by my virus software, no matter if a user clicks on the program or not.