1. Exquisite Tweets from @threatresearch

    blechCollected by blech

    1) So, call me a masochist if you will, every so often I bomb a testbed PC with so-called adware/junkware applications. Install 'em all.

    Reply Retweet Like

    threatresearch

    Accountability Brandt

    2) And then I let the adware - and it is very generous to describe them that way - run for a few days, to observe its behavior over time.

    Reply Retweet Like

    threatresearch

    Accountability Brandt

    3) Here's a screenshot of what Process Explorer shows is running on the testbed right now. It is abhorrent and evil.

    Reply Retweet Like

    threatresearch

    Accountability Brandt

    4) Some of these so-called "potentially unwanted apps" themselves installed malware - clickfraud and other garbage Trojans killing the CPU

    Reply Retweet Like

    threatresearch

    Accountability Brandt

    5) One of these PUAs actually installed a goddamn bitcoin miner. It's the "suspended" app in the screenshot above. Unbelievable gall!

    Reply Retweet Like

    threatresearch

    Accountability Brandt

    6) And another has hijacked all browser shortcuts by adding its own URL to the command line, forcing them to open a junk search engine page

    Reply Retweet Like

    threatresearch

    Accountability Brandt

    7) So thanks, navsmart[.]info for insinuating yourself as my start page, even though I changed the settings #navdumb

    Reply Retweet Like

    threatresearch

    Accountability Brandt

    8) And you really have to hand it to the namer of "wizzcaster" - it really is like you're casting wizz on my PC

    Reply Retweet Like

    threatresearch

    Accountability Brandt

    9) What it boils down to is, people get suckered into downloading this crap by extremely deceptive popups which claim the apps are legit

    Reply Retweet Like

    threatresearch

    Accountability Brandt