Privacy Digest

Adware Maker Says Facebook Security Warning False and Reprehensible - Via Threat Level:

A report from security firm Fortinet that a Facebook application was attempting to sneakily install adware on user's computers is "completely false," according to Zango, the company which makes the adware.

Zango's associate corporate counsel Kevin Osborne called the report "reprehensible" in a phone interview Friday, saying Fortinet had just piled together the hot buzzwords "Facebook," "Widgets" and "Spyware" to make a splash.

Fortinet warned Wednesday in an advisory entitled "Facebook Widget Installing Spyware" that a "Secret Crush" app was virally spreading through Facebook and had more than a million installs.

"All of our installs are trackable to individual partners," Osborne said. "We have not seen any spike close to those numbers."

Fortinet, which makes consumer anti-virus software, warned Thursday that a "Secret Crush" Facebook add-on that promised to tell you who of your friends harbored secret longings for you didn't deliver anything but a pop-up trying to install Zango.

Instead, what Fortinet likely saw was that after an install, the Secret
Crush application served up a legitimate ad, according to Osborne.

Secret Crush, created by a firm called Mobile Marketing that makes its money off by sending horoscopes to cell phones at $1.35 a day seems to have been renamed overnight, to "My Admirers."

In a blog post , Zango says it was unable to reproduce the pop-up ad for Zango, instead getting an ad for Mobile Marketing's own services.

At no point in adding the Secret Crush widget to a Facebook profile does the widget install either spyware or Zango software, or even attempt to do so. Any suggestion that Zango software is being “secretly installed” is simply not true. Moreover, our general security monitoring of the Zango network has shown no abnormal increase in installations – something we would have seen based on the reported usage numbers of the Secret Crush widget.

Zango, formerly known as 180solutions, creates software that shows ads to users in return for allowing them to view its proprietary games and videos. Federal regulators fined Zango $3 million in 2006 for profiting from rogue affiliates who forced installation of Zango software without consent.

Zango has since said it has purged the rogue affiliates, prevents installs without consent and monitors its install base for abnormal patterns.

Fortinet did not have an immediate reply to a request for comment.

See Also:

• Secret Crush Facebook App Installing Adware, Security Firm Charges
• Sanctioned Adware Firm Still Rogue, Critics Say: Updated
• In Message to Industry, Government Fines Adware Purveyor $3 million

(Read Original Article - Via Threat Level.)