FTC criticised for low adware fine

Posted by   Virus Bulletin on   Feb 20, 2007

Latest DirectRevenue case nets mere $1.5 million penalty.

Serial adware user DirectRevenue, along with several advertising clients, has agreed to settle a case brought by the US Federal Trade Commission, with total financial penalties amounting to $1.5 million.

The case accused the advertising purveyor of using deceptive and aggressive tactics in the distribution of its advertising, including the use of software vulnerabilities to install silently, and deliberately preventing the removal of software. The settlement requires the company to avoid such techniques in future, and to provide clear labelling of its advertising output, as well as simple removal techniques. The company is also instructed to maintain tighter controls over affiliates who may also be spreading the software in deceptive ways, and to stop sending ads to software installed prior to 1 October 2005.

The financial aspect of the settlement has drawn widespread criticism, with even one of the commission board calling the figure 'a disappointment' - DirectRevenue is thought to have made up to $20 million in profit from its deceptive and intrusive marketing software. The settlement has been left open by the FTC until the end of March, with comments invited from the public prior to finalising the decision.

The FTC statement on the decision, including contact details for comments, is here. A brief release from DirectRevenue on the issue (in PDF format) is here

Posted on 20 February 2007 by Virus Bulletin

 Tags

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

VB2021 localhost is over, but the content is still available to view!

VB2021 localhost - VB's second virtual conference - took place last week, but you can still watch all the presentations.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.