FTC Fines Zango $3 Million

An anonymous reader writes "Wired is reporting that government regulators have fined rogue adware distributor Zango (formerly 180Solutions) $3 million. This is 'following charges that the company deceived internet users into installing its pop-up software and tried to prevent them from uninstalling it.' ZDNet mentions that 'Zango's executives pointed a finger elsewhere, claiming that the federal violations were due to third-party distributors rather than the software manufacturer itself.' Security researchers are still happily finding examples of Zango software being popped open in rogue distributions such as IM worms. Ben Edelman is claiming to have more evidence of their dubious business practices, casting into question their claims of newfound affiliate responsibility."

There must be a lot of money in malware.

[Pinkfud]

If these guys can pay a fine that size and still be in business, one has to wonder just how much loot they rake in with their wonderful little surprises.

Re:

[gripen40k]

Wow, yeah, never thought of that before. I wonder where it comes from, 'cause I wouldn't imagine that there would be that many people actually clicking on stuff in their popups... Any ideas?

Re:

[DigitalRaptor]

I'm not sure of how it works, exactly, but they make most of their money from hi-jacking affiliate sales.

For instance, if they have a popup that redirects you to a specific URL at Amazon.com, then for the next 45 or 90 days anything you buy at Amazon.com gets credited to them as an affiliate, even if you go directly to their site.

Commission Junction tracks stuff for 45 days the same way.

Consider how much money will be spent at Amazon.com for the next 90 days (holiday season) and how widespread their adware

Re:

[Paradise Pete]

For instance, if they have a popup that redirects you to a specific URL at Amazon.com, then for the next 45 or 90 days anything you buy at Amazon.com gets credited to them as an affiliate, even if you go directly to their site.

I don't think that's correct. For instance, just the other day I had someone follow this link [amazon.com]. They didn't buy anything right then, but a few hours later they went directly to it and bought something, and I didn't get any credit. But of course maybe I made a mistake in constructing

Re:

[rkcallaghan]

Paradise Pete wrote:

But of course maybe I made a mistake in constructing the link.

Your mistake was not hijacking their browser to re-insert your referral whenever they go to any of your sites.

~Rebecca

Re:

[DigitalRaptor]

Well, that could be for 2 reasons:

1. Amazon may have stopped the 45 day thing as part of their fraud prevention. 45 - 90 days is still very common (if not the standard) for affiliate payouts. I couldn't find it mentioned on their site.

2. The person that followed that link had cookies turned off, cleared their cookies, used a different browser or computer the second time, etc.

3. As the original post discussed, the persons computer could have had malware that hijacked the sale, taking credit for it. It

Re:

[Paradise Pete]

Thanks for the detailed reply. I don't do much with affiliate stuff - just a few friends who follow my link when they go to Amazon - so I'm fairly ignorant about the whole thing. When one of them told me he was going to buy a MacBook Pro, and asked me what I thought he should choose, I constructed that link for him, and explained that if he followed it I'd get some small kickback out of it. He did, but I didn't. The only thing he did was not buy it until the next day.

Re:

[gripen40k]

Well, if that's true then I'm thinking I have to get into the browser hijacking business! Anyone know a security flaw in Firefox that will let me do that ;)

Seriously though, if Amazon, for instance, stopped allowing referrals over the holiday season (now till boxing day) then not only would they be saving big money, but nearly all referral schemes would be pretty much shut down (assuming all Amazon-style sites did this of course). But then would you presume that Amazon would loose some holiday profit from

Re:

[DigitalRaptor]

Nah, the whole viral / referral marketing thing works because it is upfront. Companies that try to force it end up failing.

I think Google has succeeded because they haven't done anything seedy or contrived. They have tried to be very fair with AdSense and AdWords, and they owe much of their financial success to that.

Adware and spammers be damned.

Re:

[GigsVT]

Nothing seedy?

You mean like not allowing people to register adwords keywords on nearly every keyword, related to their product or not?

Right.

You used to be able to search for "Black people" and get an ad that said "Buy Black People Here!"

It's not that comedic now, but a search for "black people" brings up:

Target.com: Official Site
Find Great Savings Online.
Shop Target.com
www.Target.com

What the hell does target have to do with black people?

Re:

[gripen40k]

'Jewish People' brings up ads about jewish people, so it might just be case specific, although I don't care nearly enough to actually find terms that have ads of no relevance...

Re:

[The Mysterious X]

1.) Zango paid for every installation, voluntary or not
2.) The software installed is almost impossible to remove. Believe me, I've tried.

Re:

[mikeisme77]

Add/Remove programs doesn't work on the 180Solutions software. It'd be nice if it did, but in some cases it pretends to do something (while in reality doing nothing), in other cases it tells you to go to a web site to get the removal software (which you either never get or doesn't work), or it just tells you that this software cannot be removed.It's been awhile since I've had to deal with this crap (I've been fortunate in that I haven't seen it on any computers I've had to fix in over 2 years--actually, I h

Re:

[mikeisme77]

Malware != regulare software. It doesn't have an uninstaller and due to security problems with IE and Windows installs itself--so it's not really a choice of the user (other than not using IE and Windows of course--hence why I haven't had to deal with this for over 2 years). Now stop trolling.

Re:

[Kijori]

What difference does it make who caused it to install automatically - it does. And can't be removed. When calculating user responsibility it doesn't matter why these things are true.

Re:

[HermMunster]

If you don't like their uninstaller don't install it? Are you crazy? This stuff gets installed illegally most of the time. I own a small business and I clean this stuff all the time. The 180 solutions and Zango is some of the worst violators and some of the hardest to remove. When I question how it got installed the customers have no idea.

These people didn't get fined $3 million for doing legit installs bro. They've been fined for installing it in a rogue way and then of course, for the illegal action

Re:

[cduffy]

Ya know, this is one of those cases where intent matters quite a bit, as does notice.

If a developer makes software which is intentionally difficult to uninstall and fails to effectively notify potential users of this property, there are arguably elements of fraud going on. There's also the common-sense test as to whether the license agreement which the user submits to does in fact provide something of value to each party and is not so one-sided as to be innately unreasonable. (There's a specific term, but

It's not enough

[Nom du Keyboard]

It's not enough. It's not nearly enough!

Kind of torn

[slusich]

I have to say I'm kind of torn on the issue of spyware. It's a terrible practice and causes serious problems with people's computers every day.

At the same time, I've made my fair share of money cleaning it off PC's. :)

Seriously, it's about time that fines were imposed against the companies that propagate this. People who suffer actual damages from these programs should start bringing lawsuits against them.

Re:Kind of torn - hard to sue

[Nom du Keyboard]

People who suffer actual damages from these programs should start bringing lawsuits against them.

The problems here are:

1: It's hard to prove actual damages.
2: It's hard to identify the company to sue.
3: It's hard sue a company in small claims court that isn't in your county, let alone your state.
4: It's hard to serve them properly.
5: It's hard to defeat their argument that you agreed to a click-through license in allowing the install.
6: It's hard to collect, even if you win!

If it had been easy,

Re:

[Almost-Retired]

6: It's hard to collect, even if you win!

Yeah, I'd like to be a mouse in the corner when the FTC tries to collect. The FTC needs the authority to add another mill a day for every day they drag their feet writing the check IMNSHO. Or the legal ability to audit, and THEN set the fine at about 100k more per person in a responsible position within the company than they have in assets so the CEO's of such questionable operations lose their beemers and boats, maybe even their houses at sheriffs sale.

Seems only

Re:

[HermMunster]

Advertisers know exactly what is going on with their dollars when they hire a company to distribute their ads, etc. The way to clear this up is to allow people to sue the advertisers. That'll stop it quickly. I remember, there's some site that has a wall of shame (or something like that) about advertisers who are doing business with these malware groups. That needs to be made more public.

Uh huh, right.

[edunbar93]

Zango's executives pointed a finger elsewhere, claiming that the federal violations were due to third-party distributors

Yeah. And Pfizer isn't responsible for the spam sent by the third party distributors that they turn a blind eye to, and that they "don't control".

#1, you *had* third party distributors.
#2, you did nothing when they started doing Bad Things.
#3, you specifically set up the relationship in a way where they could basically do whatever they liked. If they did Bad Things, you would say "Shock! H

Re:

[kirun]

I suggest you use Google®-brand search to check your claims in future, because Pfizer has sued people sending out Viagra spam.

Consder the following...

[Nom du Keyboard]

Consider the following in assessing their guilt:

tried to prevent them from uninstalling it.

If they were innocent they would make an easy and safe removal tool as widely available as possible. And this tool should block any further attempts to reinstall the software as part of the removal process. Also...

'Zango's executives pointed a finger elsewhere, claiming that the federal violations were due to third-party distributors rather than the software manufacturer itself.

Oh, isn't that clever. Point the finger. Not our fault. Get a clue stick folks. Nobody works to sneak software onto a user's system that they're not getting paid for doing. If Zango were to actually stop paying for any further installs by anyone this problem would quickly go away. In addition, the software certainly has to contact Zango servers for updates and ads to display. Have your servers refuse to accept connections from any previous versions of your software, rendering it effectively toothless before you give me your poor me tales of woe.

Better yet, use your software to advertise the removal tool referenced above to all current users.

And Dear FCC, go after the advertisers who have used Zango to flog their wares. A few hundred thousand in fines here, and a few hundred thousand there, and the message will get out while you're reducing the government deficit in the process.

The plain truth is, there are some business models that DO NOT DESERVE to survive.

Re:

[MMC Monster]

The uninstaller should prevent another installation of the software? Just playing devil's advocate here, but that's a much higher standard you are setting them up against than just about any other software.

For one thing, what if this was Firefox. Should the uninstaller set up up so that if you uninstall Firefox once, it should never be installed on the computer again?

Then again, how should the uninstaller do that without leaving bits in the registry or a program directory? And wouldn't you want an uninst

Re:

[cheekyboy]

leave a text file called, "ZANGO_DONOT_INSTALL.txt"

The point is, to make the installer detect if its to not install again.

Why? Because it NEVER ASKS to install, it does it magically, where as firefox is a
manual install, not a sly install.

Any way, send those zanga people to Gitmo for a nice 6month vacation.

Re:

[Durrok]

... there are some business models that DO NOT DESERVE to survive.....

In America. Once they are no longer based in the US we (for the most part) can't touch them. Fining them doesn't really solve the problem... just makes it go elsewhere. Still, as long as they are dumb enough to operate this kind of business in America might as well get our punches in while we can.

Re:

[Sycraft-fu]

Ok while I'm not usually one to complain about the form of the message your excessive use of the bold tag is more than a little annoying. When you emphasize every other statement in your document the emphasis kind of loses it's meaning.

Seriously man, just type out what you want to say. The bolding does nothing but make it harder to read.

Re:

[gad_zuki!]

>And Dear FCC, go after the advertisers who have used Zango to flog their wares. A few hundred thousand in fines here, and a few hundred thousand there, and the message will get out while you're reducing the government deficit in the process.

Oh that would be great. Companies would make advertisers sign ethical agreement. No more viral or guerilla marketing either. Ethics and advertising? I'm not holding my breath. Something tells me many companies (especially small web-based ones) like it this way.

Re:

[GigsVT]

And Dear FCC

FTC! Not FCC. The FCC sells our frequencies to corporate interests, while the FTC slaps the most blatent corporate scammers on the wrist with small fines. Get it straight! :)

don't they deserve it?

[vindimy]

i say, people who aren't smart enough to not install those "free screen savers" and "blackjack casino" games deserve to have their computers thrashed by ad ware. maybe they'll learn the lesson when 100 pop-ups launch every time they click on the blue "e" thing. same goes to the people who still believe that they can get a free alienware laptop by filling out surveys and "browsing" the web.

Re:

[Anonymous Coward]

the "they deserve it" train of thought sucks, because while they *might* indeed deserve it, they're also likely made part of a botnet that then goes performing DoS attacks, spamming and scanning for exploits. Ultimately they just screw the net up for everyone else, so its in everyone's best interest to not only protect these people but go after the idiots pushing this stuff.

Re:

[brian_tanner]

Yeah sure, they deserve it. Anyone that thinks that they might be able to download something cool from the Internet for free *deserves* to have their machine maliciously invaded and "thrashed". That's what they get for believing something that is offered to them.

Also, every random grandma got cleaned out by a phishing scam also deserves it. I'm sure that dumb old bag deserved it.. couldn't she see that the url was an IP address and not really her bank?

Maybe people should just need a license to use the In

Re:

[vindimy]

Maybe people should just need a license to use the Internet

the problem isn't the phishing websites. it's the stupid/old/'technophobic' people. those who can't safely use the technology, they shouldn't be allowed to. but of course we're not to allow/disallow that basic right to them. don't blame the phishers - they are just taking advantage of the stupid people. it's a jungle and life is the survival of the fittest. let's not be on the stupid people's side, please??? and yes, if grandma can't tell the d

Re:

[brian_tanner]

That's a pretty strong comparison to say that an old person getting swindled by another person who is directly trying to deceive them is the same thing as an old person not knowing/acknowledging their physical limitations and getting into an accident. I just don't get this "don't be on the stupid people's side", because "it's a jungle out there and life is the survival of the fittest". If I told you that I made a living by tricking old people into letting me into their homes, tying them up, and then steal

Re:

[vindimy]

I don't understand how people getting scammed in some way through the Internet is somehow so different from a telephone or a face-to-face meeting.

i'll tell you the difference. in real life, if i'd go to a ghetto neighborhood and start talking to the "wrong people" there and then get in trouble (get shot, beaten up, sold drugs, arrested by police, etc.), who in the world would say that it's not my fault to go somewhere knowing that it's a dangerous place to go to? that's the equivalent of going to zango or

Re:

[ph43thon]

I {heart} analogies!

If you walk down a dark alley at night and someone cuts your throat... you may be stupid, but that doesn't mean the throat-cutter gets a pass. You are stupid.. you are dead = good. Throat-cutter is mean.. throat-cutter is punished = good.

See.. easy analogy to the rescue.. stupid people are punished for being stupid AND mean people are punished for being mean. That is the law of the jungle. The jungle cat!

I welcome your analogy-riposte!

Re:

[Cr33pybusguy]

One of main reasons that Zango got nailed (as the well should be) is because of stealth installs. Those Leet Haxxors are not only bundling Zango shit along with those lovely virii and trojan when you visit their often innocent looking websites. One a few months back was a hacked World Wresting Entertainment site. Zango knows full well that the majority of their income comes from these often unwanted installs.
They knew that the Install yes/no boxes are pre-ticked yes so you accidentally click it and recieve

Re:

[jlarocco]

Yeah sure, they deserve it. Anyone that thinks that they might be able to download something cool from the Internet for free *deserves* to have their machine maliciously invaded and "thrashed". That's what they get for believing something that is offered to them.

People shouldn't trust free things in the regular world. Why would it magically be safer on the internet?

Also, every random grandma got cleaned out by a phishing scam also deserves it. I'm sure that dumb old bag deserved it.. couldn't she se

Re:

[heinousjay]

People shouldn't trust free things in the regular world. Why would it magically be safer on the internet?

Taking something that isn't yours is wrong in the regular world, but if you believe the posts on Slashdot, doing it on the Internet is moral and just. Apparently there is some sort of magic dichotomy in effect.

Re:

[jlarocco]

Taking something that isn't yours is wrong in the regular world, but if you believe the posts on Slashdot, doing it on the Internet is moral and just. Apparently there is some sort of magic dichotomy in effect.

I wasn't talking about stealing. I meant more along the lines of "Here little boy, come closer to my van so I can give you some candy."

Re:

[mightyQuin]

"People shouldn't trust free things in the regular world. Why would it magically be safer on the internet?"

Last time I checked, linux was free - and so was pretty much everything in the open-source community.

Re:

[jlarocco]

Yeah, I probably should have said "People shouldn't automatically trust ..."

Re:

[nomadic]

People shouldn't trust free things in the regular world. Why would it magically be safer on the internet?

There are plenty of pieces of free software you can get online; why should someone with limited experience in distinguishing the good ones from the bad ones face that much punishment?

Zango and friends ruined freeware

[phorm]

Actually no. I remember a time long ago when there was tons of free software out there you could trust. I'm not talking about the open-source stuff (which I generally still trust when it's from SF.net or freshmeat), but demos, freeware utilities, shareware games, freeware episodes, etc.

There was a ton of free stuff out there without spyware, adware, or malware of any sort. Yes, you could get free screensavers (though many sucked). You could get free games (though most were demos). Nowadays, I see lots of

The FTC is a good start, but it should be the DOJ

[pwizard2]

Just fining these guys isn't going to make the problem go away. Unfortunately, I heard somewhere that the FTC doesn't have the power to shut down shit like this, you need the Department of Justice to do that. The only good thing about the FTC ruling is that it opens the door and provides good cause to get the DOJ involved. Whether that actually happens is another story.

Re:The FTC is a good start, but it should be the D

[BCW2]

I hope the DOJ attacks from here but I wish the FTC had fined them at least $50 million. If the fines get big enough crapware will get strangled.

TANSTAAFL

[Bellhead]

Speaking in general, without reference to any specific individual or corporation, I'll add these comments about the adware/spyware industry:

1. The reason adware companies do everything they can to make it difficult to remove their software is because they're in a hurry: they are making a lot of money very quickly, and they know that what they're doing will be illegal soon. When that happens, they want to be both rich and gone.
2. Many whom use P2P software shrug of adware as the cost of getting "free" songs or

$3 Million Dollars?

[Benswine]

I wonder what using the dollar unit twice means in your title? Maybe it's the standard method to denote inflation?

Re:

[flokati]

It means the fine was assessed in square dollars. They should just be thankful they didn't hit them with a 3M cubic dollar fine.

Oh, ZANGO.

[Kozz]

I was worried for a minute. I misread it as Zombo [zombo.com] Thank God my favorite intarweb site won't be going anywhere.

Re:

[vindimy]

what the hell is zombo.com is all about? some stupid voice repeating that 'anything is possible'..? then they ask me to sign up for a newsletter

Re:

[lubricated]

I was gonna explain it, but, fuck it. Nobody tell him.

Fight it bottom-up.

[Hexstream]

What you have to do is applying recursive fines. Those guys enjoy using lots of "sub-contractors" to "share responsibility" for the inherently evil actions. Instead of applying a fine of 3 millions on the 1st guy in the chain, they should apply similar fines to all the nodes in the tree. So if there are 16 contractors in all, 3 millions each. This would effectively fight the problem bottom-up. Since the small contractors make less money individually than the root company, they would suffer immediate bank

One word

[web_wizard_888]

Owned.

Windows-problem. Remove Windows - remove problem.

[Werrismys]

If the user is stupid enough to buy Winblows, he/she deserves what he/she gets. -1 troll, blaablaa, but that's the fact of life - users of proper operating systems have to deal with NONE of this crap.

George W should...

[TavisJohn]

Why not just have George W just make a law/royal decree that all adware and spyware makers are terrorists! Then he could just imprision them without any due process, and take all their property. This problem of spyware and adware could be cleared up (From the US side anyway) quickly!

Sounds Like Republican Ads in Tennessee

[ThisRoadClosed]

The Republican Party in Tennessee has commissioned a third party to generate disgusting ads against Democrat Harold Ford, Jr. This allows the Republicans themselves to announce that they, too, are "shocked" by the grossness of the ads while stating that they have no control over them and that it would be against the law for them to intervene. Hmm...adware companies and Republicans seem to be more alike than previously thought.

Shame Shame I Know Your Name

[writerjosh]

...'But spyware researcher Ben Edelman doubts that the company has reformed its ways. "I commend the FTC's efforts here, but serious diligence will be required to assure that [the company] actually complies with its many obligations under the settlement," Edelman said in an e-mail on Friday. "At this instant, I am confident that [the company] is not in compliance."...

..."[The company] continues plenty of bad practices, including some unlabeled ads and installation attempts predicated on security exploits