Microsoft and US state sue spyware company

Secure Computer's software introduces insecurities, Microsoft alleges. Robert McMillan reports

Microsoft and the Washington state attorney general have filed lawsuits against antispyware software vendor Secure Computer, alleging that the company’s Spyware Cleaner software not only fails to remove spyware as advertised, but makes changes to users’ computers that make them less secure. The attorney general’s lawsuit is the state’s first to be filed under Washington’s 2005 Computer Spyware Act.

Washington’s 16-count lawsuit was filed in US District Court in Seattle and follows investigations by both Microsoft and the Attorney General’s high tech fraud unit. In addition to the Spyware Act violations, the lawsuit accuses Secure Computer of violating the state’s Commercial Electronic Mail and Consumer Protection Acts, as well as the federal CAN-SPAM (Controlling the Assault of Non-Solicited Pornography and Marketing) Act, says Washington Attorney General Rob McKenna.

“What this company has been doing is marketing its Spyware Cleaner product using false and deceptive means and also corrupting computer users’ hard drives as a result of the so-called free scan that they offered to consumers,” he says.

The state’s lawsuit also names Secure Computer president Paul Burke and web domain owner Gary Preston, both of New York state, as defendants. It further charges Zhijian Chen, of Portland, Oregon; Seth Traub, of Portsmouth, New Hampshire; and Manoj Kumar, of Maharashtra, India, in connection with the advertising of the product.

Microsoft has also sued Secure Computer, alleging that the company’s Spyware Cleaner email and pop-up advertisements falsely suggested that Microsoft endorsed the product, says Nancy Anderson, vice president and deputy general counsel with Microsoft. “They were illegally using our name and our trademark to frighten consumers,” she says.

A lawyer representing Secure Computer says that the controversial business practices at the heart of the state’s case were the fault of marketing affiliates and not Secure Computer. “A lot of these allegations of this advertising ... have nothing to do with us,” says John Dozier, managing partner with Dozier Internet Law.

Secure Computer has used a marketing clearing house called Clickbank.com to recruit sales affiliates and one of the Clickbank.com affiliates, Manoj Kumar, was responsible for the advertising that misused the Microsoft brand, Dozier says. Kumar was fired as soon as Secure Computer became aware of his business practices, he says.

Secure Computer does not permit email marketing of the product and it did not even develop the Spyware Cleaner software that McKenna says is spyware, Dozier claims. The company is simply a “sales and marketing firm,” he says.

Secure Computer president Paul Burke was “shocked and surprised” by the allegations in the complaints, Dozier says.

While Dozier could not say who wrote the software in question, it appears to have been authored by a developer named Mladen Bajic, according to Eric Howes, director of malware research at antispyware vendor Sunbelt Software. The software is similar to a number of other antispyware products, including software called Scan & Repair Utilities 2006, and SpyVest, he says.

Spyware Cleaner does detect some spyware and adware, but it does not qualify as reputable software, Howes says. “It’s not completely worthless, but compared to the top antispyware products on the market, it’s not even in the same class,” he says. “The number of false positives turned up by this product was just ridiculous.”

Windows expert Mark Russinovich, best known as the discoverer of the Sony BMG Music Entertainment rootkit software, recently analysed Spyware Cleaner and found it lacking. “Even on a freshly installed copy of Windows XP, Spyware Cleaner reports close to a dozen ‘extreme risk’ and ‘high risk’ infections that include innocuous items like cookies left by MSN.com and several built-in Windows COM components,” he wrote in a blog posting.

Spyware Cleaner has been on sale since about 2004 and the product has been marketed via “spam, pop-up ads and deceptive hyperlinks,” offering a free spyware scan, the Washington attorney general’s office says in a statement. These scans detected spyware, even when none was present, and then instructed users to buy Spyware Cleaner. Once customers had paid the US$49.95 (NZ$73) purchase price, the software would then erase the computer’s hosts file, which can be used by the browser to block unwanted websites.

In tests, the state’s investigators found that Spyware Cleaner was unable to detect most genuine spyware programs and that it often falsely identified legitimate files as spyware. “We [tested] this on a computer when we had a fresh install and it falsely identified a number of programs as being spyware when really they were not,” McKenna says.

If the allegations in this case are true, Secure Computer could pay dearly. The Washington spyware act imposes a penalty of US$100,000 per violation and the company is also looking at penalties of US$250 per violation of the CAN-SPAM Act, as well as US$500 and US$2,000 per violation, respectively, under Washington’s antispam and consumer protection laws.

Based on the money that Secure Computer has made from the product, McKenna estimates thousands of users have been affected and that the penalties will amount “to millions of dollars”.

Join the newsletter!

Error: Please check your email address.

Tags can-spam actsecuritySecurity IDspyware

More about BMG Lab TechMicrosoftMSNSonySunbeltSunbelt Software

Show Comments
[]