Porn Worm Drops Spyware on Unsuspecting PC Users

A new spyware program called DigiKeyGen is luring the unwary with a claim to provide free access to online pornographic content. It's hardly a new tactic, but Panda Software has discovered yet another instance of this time-tested social engineering ploy.

DigiKeyGen is found on a Web page that allows visitors to download a password generator in order to access adult resources that users would normally have to pay for. When users run DigiKeyGen, they receive passwords that supposedly allow them access to pornographic Web sites.

At the same time -- and unknown to the victim -- a spyware program and an alleged anti-spyware application are installed on the computer. Users are then warned that their computer is infected and offered an anti-spyware program to clean the system for US$49.95.

Be Very Suspicious

Panda has discovered that DigiKeyGen can be downloaded from other Web sites offering adult content in addition to the program's official page. "You must always be suspicious of offers for something in exchange for almost nothing," warned Luis Corrons, director of Panda Software Labs.

"Cybercrime, which aims to make easy money, simply applies traditional fraud techniques to the Internet, and as a result, anybody tempted by the chance to get something for nothing is taken in, unaware of the risks of apparently harmless actions such as downloading small programs or accessing certain Web sites," Corrons noted.

Where the Money Is

Spyware is on the rise. In fact, many hackers are choosing to deploy spyware instead of installing backdoor Trojans or executing denial of service attacks, because there is so much money to be made and so little risk.

"In many cases, adware is a legitimate revenue source for companies that offer software free to users," Ken Dunham, senior engineer at iDefense, told TechNewsWorld. "Unfortunately, it's being abused for criminal gain. It has digressed into an environment where hackers are using it on a daily basis."

In the case of DigiKeyGen, the malware writers are cashing in by selling anti-spyware programs. Worldwide revenue for the anti-spyware market combined is expected to grow from $214 million in 2006, to $1.4 billion in 2010, according to the Radicati Group. The only problem is, malware writers' spyware typically doesn't work. They just take the money and run.

Proceed With Caution

The technique used in the DigiKeyGen case is not new. Other alleged anti-spyware programs detected in the past, such as RazeSpyware or SpySheriff, also used the same lure as DigiKeyGen -- offering to clean nonexistent spyware, or spyware installed with user consent, for a modest fee.

"Even users with sound IT knowledge could drop their guard with offers like this," Corrons added. "It is essential to be cautious of irresistible offers in the Internet. Users should leave the task of deciding whether or not a program is malicious to an anti-malware solution."