Get the latest information on the lowest forms of Internet traffic hijacking here at JimWorld!
ScumWare Resources







Return to Jim World

Sponsored Links

SimpleNet Web Hosting
Free Domain, 24/7 Support


Topic: Scumware, Spyware, Adware & Malware Applications

Written By: Melissa Martin

ON: 03/05/2004

AOL & BuddyLinks (Osama Found) - You could be next

FAST TRACK: Removal Ratings Explained Glossary
Application type: Adware
Security Compromise: Possible.
Advertising: Yes.
Privacy Violation: No.
Stability Problems: No.
Overall Risk:
Scum Rating:
Security & Privacy Risk:
Description:

BuddyLinks is an application that can be downloaded and installed directly through your instant messenger service via a simple URL link. Once permission is secured to install the program on your PC, BuddyLinks then goes on to distribute messages (spam) your friends on your instant messenger list. BuddyLinks first began to become prominent within the AOL messenging system around February 11, 2004 when something that appeared to be a worm spread among the people on their buddy lists.

How do you get it?

Buddy Links, also nicknamed "Osama Found" in IM circles is actively distributed from BuddyLinks.net and created by PSD Tools. It can also be installed if you know someone that has it by clicking on the URL in the spammed message you receive. Generally the spammed message will read "check out this link" and provide a link to the BuddyLinks 'game', prompting people to click on the URL. It takes advantage of the social nature of the Instant Messaging programs when friends send you jokes, games and other timewasters to 'check out'. Once clicked a dialog box appears asking the user to install the 'game' which is the BuddyLinks program.

AOL is also considering legal action against PSD Tools, the makers of the BuddyLinks program for some devious methods to install the program on your PC. BuddyLinks actively spread a false story about Bin Laden getting captured (how it has earned the Osama Found nickname). The program sent an instant message to every person on each user's buddy list that included a link to a fake TV news website. A dialog box appeared, asking the user to install a 'news player'. The end result was that the program played an animated game, reconfigured AOL's IM system to receive advertising and resent the same message to everyone on the new victim's buddy list. It was in this way that BuddyLinks began to spread through the AOL IM system.

Details:

BuddyLinks sends delivers contextual advertising to the end user and other people on your "Buddy List". Once installed, BuddyLinks effectively becomes a program to spam all of your friends with advertisements. Here is an excerpt from the PSD Tools, terms and conditions:

  • In return for the right to access this Content, you acknowledge and agree that the Software contains additional software products provided to PSD Tools by its suppliers which will periodically deliver additional Content such as, but not limited to, advertisements and promotional messages to your Computer. In addition, the Software will interoperate with your current instant messaging client so as to permit the automatic sending of advertising messages originating from your Computer to your contact or “buddy” list regarding Content offered by PSD Tools or its suppliers.
In addition to the above, the program also boasts a self-updating feature which allows BuddyLinks to install new versions of the software silently without any intervention. If that isn't bad enough, PSD Tools also indicates that they are wholly unresponsible for the content they deliver so if you should happen to get an advertisement for something that invades your privacy or tracks your usage online, those are the breaks.
  • Please be aware that PSD Tools is not responsible for the privacy practices of the suppliers of the Content and your use of such Content will be subject to terms of use and/or privacy statements as provided by the suppliers of such Content. PSD Tools encourages you to read the privacy statements of each and every website that provides Content and collects personally identifiable information.
BuddyLinks is aiming to create (in my opinion) the ultimate spamming application:
  • Using future releases of BuddyLinks, users will be able harness our software to automatically transmit information – whether it be job openings, party invitations, jokes or potential dates – to their entire network of instant messaging buddies, all with just the click of a button.


As an additional note, although this program doesn't appear overly bad from the outset, its very nature is pretty scummy. As an end user spammed with an ad from "BuddyLinks" you don't even need to have installed it on your PC yourself. All you need to do is know someone else that did and your PC becomes a target for the advertisements and 'content' BuddyLinks sends. In addition to the above, in some cases installing BuddyLinks will erase your AOL IM profile while others report that even after uninstalling the 'game' continues to reinstall itself.


How does it Violate Privacy?
At this time BuddyLinks does not violate privacy, other than by spamming your PC through someone you know. It is not however limited to BuddyLinks itself - a host of privacy concerns regarding the content that is delivered by the 'third parties' that they are 'wholly unresponsible for' is up for debate.

Are there any known security issues?
BuddyLinks is capable of automatically self updating and installing software and services on your computer without your consent. It may also expose you (and all of your friends on your IM list) to potentially unsecure sites, advertisments and programs. There is a potential security risk in the very nature of using an instant messenger program, because "From a technical standpoint, IM is dangerous because it bypasses a lot of the traditional security safeguards, such as antivirus scanners and firewalls.[..]The technology is still new, so often people use it at work without its being formally supported (and secured) by IT staff." (Courtesy of SearchSecurity.com).

Stability problems:
There are no known stability problems at this time.

Terminating BuddyLinks:

Removing BuddyLinks can be accomplished either through the Add/Remove programs feature of Windows or through a link on the BuddyLinks.net website.

  1. Click on START > SETTINGS > CONTROL PANEL > ADD/REMOVE PROGRAMS. Click "OK" to start the removal process.
  2. Select BuddyLinks.net Messenging Integration and click "Remove".
  3. Exit the Remove/Install Programs feature in Windows and restart your computer. (Note that in some rare cases BuddyLinks will cause your computer to 'freeze' after removal.
  4. Finish the uninstall by running a program such as AdAware, to detect remnant files, registry keys and cookies.
  1. Open up a new browser window and navigate to http://www.buddylinks.net/uninstall.exe.
  2. When the download window appears, select "Run" or "Open" and follow the steps from there.

Additional Links:
Symantec's Security Response and Technical Details
McAfee Security Details
Wired News Article

JimWorld.com Network © 1996 - 2004 .... iWeb Technology: Software | Toolkit | ROI Tracker | The openPPC Project | Gear



High Power Dedicated Servers and bandwidth provided to JimWorld by the web site hosting experts at SimpleNet.com