Why was TuCows Out to Pasture during their Networks Massive, Mal-ware attack?

by | Sep 16, 2010 | Marketing Mishaps, PR Crisis, Social Media, Software Industry

Could a Stock Buyback of 2.9 million shares be a factor in TuCow’s Slow Response?

TuCows (NYSE AMEX:TCX, TSX:TC) , out in the pasture?!  With possibly 6M consumers affected my Malware spread through popular web portals, ground zero for the Malware attacks came from a known vulnerability in OpenX’s Ad server. Among the affected carriers, TuCows, Pirate Bay, ESarcasm And AfterDawn among the effected carriers. According to Web security vendor Dasient, an estimated 1.6M ads may have been served daily. According to Adreka social analytics, appearances of social reports, earmarking the malware attack may have started as early as the over the past 96 hours, and may have begun it’s proliferation as easily as midnight, 11th of September 2010.

CyberInsecure reported that the malicious code was being loaded from external domains registered to an address in Russia and was targeted the Microsoft Windows Help Center vulnerability patched earlier this year, the successful exploitation led to a variant of the Bredolab trojan being installed on the victim’s computer. This threat is known a distribution platform for rogue antivirus programs.

TuCows general manager, Andy Walker, confirmed for ParetoLogic that the incident was the result of hackers compromising the OpenX server used by the company to deliver ads. “We detected the intrusion, patched the vulnerability in OpenX and resolved the issue quickly,” the company representative noted. According to Adreka’s Social Monitoring, the OpenX vulnerability issue was known as early as May, 2010, as reported by dozens of active OpenX communities, programmers, and malware boards.

Moreover, less than 12 hours ago, my attempts to access the TuCow’s main site and affiliate pages resulted in AVG halting my systems infection. So exactly why was the largest software company in North America, out to pasture when their systems, webmasters, and millions of consumers were being affected by a massive malware attack?

Granted it a cow’s top speed, is 5.5 mph, so TuCow’s should get there in ½ the time? – LOL

As a question, NOT AS AN ACQUISITATION, could the deadline for TuCow’s slow response come in the wake of the company trying to push their existing investor base to sell 2.9 million shares back to the company in a Dutch auction, what expires on September 17th 2010? According to their own financial release, dated September 9th 2010, TuCow’s  intends to commence a modified “Dutch auction” tender offer to repurchase up to 2,900,000 shares of common stock, representing approximately 5.1% of Tucows’ outstanding shares. The tender offer is expected to commence on Friday, September 17, 2010 and to expire, unless extended, at 5:00 P.M., New York City Time, on Tuesday, October 19, 2010. Tucows also announced that it has terminated its normal course issuer bid commenced in February 2010 pursuant to which Tucows has repurchased 3,409,300 shares of common stock.

As a past investment banker and now current media evangelist, you have to ask the question, unless their technology team was completely out to pasture, could long term financial gain been the catalyst for a Cow Speed Response, in relation for all other systems effected?

Tucows Ad Malware Mishap, May Affect Million of Computers, and Shake Consumer Trust!

by | Sep 16, 2010 | Marketing Mishaps, PR Crisis, Software Industry, Viral Marketing

Digital Social Listening Detects a Global Attack of One of the Webs Largest Software Sites!

Reports began coming in September 14th that TuCow’s (AMEX: TCX) may have been affected via Ad Malware from blog sphere reports as detected by Adreka, Inc, using social digital listing tools. Tucows (originally an acronym for The Ultimate Collection of Winsock Software, a name which has long since been dropped) has been is one of the few companies that survived the destruction of the dot bombs, only to now fall victim to a new enemy, 3rd party malware, which their systems are, at this moment, currently distributing, possibly either undetected or not being discussed by their management given their publicly traded status. At this hour, the company has not made any statements, shutdown their Ad Servers, or hosting network.

Compounding the danger,  TwoCows is perhaps best known for its popular website directory of shareware, freeware, and demo software packages available to download. A system of mirror sites is maintained to allow the traffic to the site to be distributed among several worldwide server locations. The 3rdparty Malware may have effected it’s an extensive reseller network, which services over ten million domain names, millions of mailboxes for a network of over 10,000 web hosts, ISPs (Internet Service Providers), and other resellers around the world. It can only be speculated that in the past 48 hours, TuCows, may have inadvertently infected millions of computers of Windows visitors to their software, email, and associated websites though a vendibility exploited via a 3rd party advert being served across TuCow’s entire network. The exploit will download and run a malicious file, a variant of the Bredolab Trojan. Upon execution it will unpack its code and try to connect to various remote addresses through the HTTP protocol for downloading and executing other Trojans, which results in a pop up frenzy of advertisements then usually fake antivirus or antispyware scanners (like PC Antispyware 2010). This potentially leads to a second problem of potential credit card fraud.

This is not the first time we see a high-traffic website being used to distribute malware. The bad guys always go for Achilles’ heel, and what looks like an innocuous advert can trigger a wave of nasties. This is why for networks big and small, third-party advertisements must be verified carefully, otherwise this is the kind of things that can happen. Though the lack of response, admittance, or lack of actions on behalf of TuCow’s is very unsettling. As of this evening TuCow’s systems still remain affected with the Malware spreading, and TuCow’s traffic base is exponentially decreasing as virus scanners and web browsers begins to alert web traffic of the potential danager.  As a publicly traded company, news travels from the social sphere, to consumers, to Wall Street fast than most think.