Sears.com installs dangerous spyware

Saw this on Digg today…this is a must read! A security researcher, Benjamin Googins from CA, discovered that the Sears/Kmart “community” web site installs extremely dangerous spyware. From the researchers blog post:

“Sears.com is distributing spyware that tracks all your Internet usage – including banking logins, email, and all other forms of Internet usage – all in the name of “community participation.” Every website visitor that joins the Sears community installs software that acts as a proxy to every web transaction made on the compromised computer. In other words, if you have installed Sears software (“the proxy”) on your system, all data transmitted to and from your system will be intercepted.”

How this still even possible with privacy laws and other regulations? Especially from a major retailer like Sears. Super scary stuff! Reminds me of the Sony Rootkit issue awhile back….check out the links below for more information on this.

Digg – Sears: Come see the softer side of spyware

Updates to the original blog posting from Benjamin.

More updates with full screen shots of the spyware installation.

Leave a Comment

Your email address will not be published. Required fields are marked *