rossi beware!!!!!!!! [SPAUG] FW: Warning: Connect2Party malware is active Hutchings, Stan stan.hutchings@lmco.com Wed, 24 Jul 2002 13:37:13 -0700
Previous message: [SPAUG] The new mouse (fwd) Next message: [SPAUG] Reminder of signup needed for August 6 Briefing Center Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
A SPAUG member reports infection with the malware "Connect2Party". If you notice any activity on your computer that references Connect2Party, you need to take removal action. The malware apparently redirects your modem connection to a number that charges a hefty fee per minute. It is most often picked up when an unscrupulous website asks you to use its downloader. The Uninstall option is a dummy; it does not uninstall the malware. The PC World gives some advice in the quote below, but not a recipe - it could get messy. The full article is at: www.pcworld.com/howto/article/0,aid,86524,00.asp <http://www.pcworld.com/howto/article/0,aid,86524,00.asp> and this malware was also reported in the SPAUG March 02 ShareWhere: http://www.pa-spaug.org/Dom02/dom0203.htm <http://www.pa-spaug.org/Dom02/dom0203.htm>
"The Dirt on Connect2Party Connect2Party uses a convoluted method of disconnecting your modem and then reconnecting it to call an international long-distance number. The phone rates are high enough that they'd make up a significant part of a third-world country's GNP. The Federal Trade Commission has a consumer alert (http://www.ftc.gov/bcp/conline/pubs/alerts/modmalrt.htm <http://www.ftc.gov/bcp/conline/pubs/alerts/modmalrt.htm> ) about this scam. Better, if you want to see the FTC in action, take a gander at the legal steps it's taken against Ty Anderson Enterprises. A porn industry gossip site is just delighted with Connect2Party. Here's a quote (and no, I'm not going to reveal the URL): "We've started a little experiment with no credit card needed. Historically, it's like a 900-number in the old days. A surfer downloads a piece of software which is a dialer. And the dialer basically dials an international phone number. They're charged in the U.S. $3.99 per minute and their Internet browser brings them into the site. All legal FCC requirements pop up on the screen and they have to check them off before they can enter." Quick tip: Use Zone Alarm, a free firewall, to block Connect2Party from making an outgoing call. What makes Connect2Party particularly insidious is that in addition to adding itself to the various Run and Load Registry entries, it also conveniently creates entries in Control Panel's Add/Remove programs applet (thoughtful, eh?). Worse, the removal tool only appears to remove Connect2Party--it then adds it back into the Run lines of the Registry, so that it's reinstalled on reboot."