Check Website
Inclusion Status
It is currently Fri Jan 18, 2019 11:20 am

All times are UTC

Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: The Teflon exploit
PostPosted: Mon Sep 27, 2010 1:54 am 
User avatar

Joined: Tue Sep 14, 2010 3:32 am
Posts: 184
In the Hosts Inbox, I recently reported three new hosts for a firm called Tynt, which spreads its tracking code by cut-and-paste, with the website visitor (and sometimes the website owner!) remaining unaware that any executable code is being installed. (Two of Tynt's hosts were already listed in hpHosts as ATS.)

Tynt is an example of a troubling phenomenon that I call the "Teflon exploit", whose significance extends far beyond that one firm. This phenomenon is named after the famous "Teflon don" of New York, John J. Gotti, whose ability to evade prosecution and maintain a dashing facade was legendary. There appears to be a definite trend toward the development of malware that attempts to maintain plausible deniability of malicious intent even when its activities are uncovered, yet is as ruthless as any worm or virus in exploiting obscure program design weaknesses to maintain its presence in the face of countermeasures. Certain programs that use Flash "super-cookies" (or "crookies" as I call them) are another example. Teflon exploits are typically spyware, aimed only at gathering information; they won't clean out your bank account or send spam from your computer. They will, however, hide their code inside what you think are merely text and images (Tynt), or restore cookies from a Flash super-cookie, or from a covert folder, or from your browser cache, after you think you've deleted all your cookies.

Malware isn't usually described in verse, but this disturbing trend has inspired the following:

The Teflon exploit

We taint your website with our Tynt
without your knowledge or consent.
We propagate by cut and paste;
no plagiarism goes to waste.
When visitors protest our hack,
we blame your partners in our FAQ.
You signed a contract? Take a hint:
you should have read the finest print.
Your guests signed nothing? We've no doubt;
but they could still have opted out.
So please distinguish, if you can,
a gangster from a businessman.


Virtual swine live in websties.

Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC

Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
hpHosts and hpHosts Online are copyright © Malwarebytes Corp - All Rights Reserved

Powered by phpBB © 2000-2009 phpBB Group