
comScore gets a spanking

TRUSTe suspends comScore for 90 days (announcing it just this Friday evening):

Earlier this month, after notification by several sources, TRUSTe undertook an investigation of a distributor installing comScore’s RelevantKnowledge on consumer machines through a security exploit. TRUSTe immediately launched an investigation, and with the help of Eric Howes and the team at SunBelt Software, and with the cooperation of comScore, was able to locate the exploit.

The blog post goes on to say that:

The RelevantKnowledge application was observed being installed via a security exploit amongst several other applications. The following describes the series of events observed:

The user visited an unauthorized distribution web site.

A series of hidden frames were loaded containing links to dozens of other websites, including sites containing code designed to test and trigger security exploits on the user’s machine.

By way of these exploits, a cascade of maliciously installed software was downloaded/installed onto the user’s machine without any form of consent. This software included RelevantKnowledge.

Link here.

Faithful blog readers will recall the taped interchange on this subject at the ASC Conference (here, go forward to 32 minutes). Listening to that interchange is elucidating.

Let us ponder the fact that this was through TopInstalls, and hence, a widespread exploit-based install, first observed in April by Ben Edelman and going on for at least two months.

Sunbelt’s Eric Howes is mentioned in TRUSTe’s blog entry, but Ben Edelman has also been a major contributor to the comScore watching.

Alex is a technology CEO, with leadership, operating partner, investor, and board member roles at security firms including AutoLoop, Borland, Quarterdeck (now Symantec and Cisco WebEx), GFI/TeamViewer, Sunbelt Software (now ThreatTrack Security), BlueStripe Software, StopBadware, Knowbe4, Malwarebytes, and Runaware Holding AB. When CEO of Sunbelt he ran a security blog, and he still writes on security.