Digital Social Listening Detects a Global Attack on One of the Web's Largest Software Sites!

Reports began coming in on September 14th that Tucows (AMEX: TCX) may have been affected by ad malware, according to blogosphere reports detected by Adreka, Inc. using social digital listening tools. Tucows (originally an acronym for The Ultimate Collection of Winsock Software, a name which has long since been dropped) has been one of the few companies that survived the destruction of the dot bombs, only to now fall victim to a new enemy: third-party malware, which its systems are currently distributing, possibly either undetected or not being discussed by its management given the company's publicly traded status. At this hour, the company has not made any statements or shut down its ad servers or hosting network.

Compounding the danger, Tucows is perhaps best known for its popular website directory of shareware, freeware, and demo software packages available to download. A system of mirror sites is maintained to allow the traffic to the site to be distributed among several worldwide server locations. The third-party malware may have affected its extensive reseller network, which services over ten million domain names and millions of mailboxes for a network of over 10,000 web hosts, ISPs (Internet Service Providers), and other resellers around the world. It can only be speculated that in the past 48 hours, Tucows may have inadvertently infected millions of computers of Windows visitors to its software, email, and associated websites through a vulnerability exploited via a third-party advert being served across Tucows' entire network. The exploit will download and run a malicious file, a variant of the Bredolab Trojan. Upon execution it will unpack its code and try to connect to various remote addresses over HTTP to download and execute other Trojans, which results in a pop-up frenzy of advertisements, then usually fake antivirus or antispyware scanners (like PC Antispyware 2010). This potentially leads to a second problem: credit card fraud.

This is not the first time we have seen a high-traffic website being used to distribute malware. The bad guys always go for the Achilles' heel, and what looks like an innocuous advert can trigger a wave of nasties. This is why, for networks big and small, third-party advertisements must be verified carefully; otherwise this is the kind of thing that can happen. The lack of response, admission, or action on the part of Tucows, though, is very unsettling. As of this evening, Tucows' systems still remain affected, with the malware spreading, and Tucows' traffic base is exponentially decreasing as virus scanners and web browsers begin to alert web traffic to the potential danger. As a publicly traded company, news travels from the social sphere, to consumers, to Wall Street faster than most think.