YapBrowser- The Story Gets Stranger and Stranger

| | Comments (4)

Internet security...sometimes it isn't all dry analysis and wading through rogue code and links...sometimes the stories get- strange.

First we thought the YapBrowser was dead and buried. After being exposed for serving up UA Porn by a number of security experts 180Solutions (now Zango after the Hotbar merger) stopped sponsoring the product. A product, I might add, that should have never gotten through any good quality assurance department in the first place.

Then I conducted an e-mail interview with "John Sandy" to try to get to the bottom of the fiasco. The answers were evasive and to date no one can seem to take responsibility for the situation- it has all been pass the buck. Then, mysteriously and quietly, the YapBrowser comes back online promising an adult browser that in their own words: "There is a 100% guarantee no system infection will occur when using our software. YapBrowser is the only browser which gives you safe search and browsing capabilities.". We find that promise hard to believe.

We thought that might be the end of it, but now a mini-soap opera is playing out as the people behind the project have launched a discussion forum. What is intriguing about this forum is that a number of the names are the same as or similiar to well known security professionals and analysts and people in stories we have covered before. They have registered as users and they are actively carrying on coversations. Some examples include:

Chris Boyd, our own PaperGhost, well known and accomplished malware researcher who went back and forth with the YapBrowser crew across a number of blogs including his own at VitalSecurity.org. It is notable the real Chris Boyd did not sign up at the forum. (He has now as Paper-Ghost to monitor the events.)

Susie, who we assume could be an impersonation of Suzi Turner, the well known anti-malware activist that runs SpywareWarrior.com and blogger at ZDNET Spyware Confidential who covered the story and had harsh words for the Yap people. In the forum she states her favorite blog is "Sunbelt Software", run by Alex Eckleberry, who was also instrumental in the crack down on YapBrowser, our own Greynets Blog, and a large business blog I contribute to at Revenews (neutral ground where the first interview took place). Susi goes on to make some jabs at VitalSecurity and Washington Post's Security Blog- written by Brian Krebs. It is notable that the real Suzie does consult for Sunbelt Software and she doesn't speak Russian either. Then again, maybe it isn't *that* Suzie just a vague "coincidence".

RinCe- An individual who assisted our team with a tip-off while investigating a rogue botnet involved in a massive credit card theft scheme whose owners later wound up in serious legal hotwater after the story broke. RinCe doesn't speak Russian to our knowledge. (More on that story later.)

Ozzy, we assume this could be the top gun hacker buster of BlueMicro We really don't know if it is actually Ozzy having a go at them, or an Ozzy impersonater, but given the circumstances we simply have to wonder. You see how confusing it all gets.

To top it off they link to my interview with the alleged "John Sandy" as if the interview vindicates their activities. Folks- it doesn't. My role was merely to facilitate the conversation and work with the translators to try to get some answers to how a situation could go so horribly wrong.

So why this apparent complex game of charades? We really don't now. That is what we mean by the story getting stranger and stranger. We will continue to monitor, but that won't distract us from the really interesting stories on the horizon. Stay tuned for more mayhem from the digital trenches.

ADDENDUM: Within a few minutes of posting this blog, the Chris Boyd page at Wikipedia was defaced. Fortunately the Wikipedia provides the IP address of individuals who deface the popular wiki.

4 Comments

I can confirm, that in not a fake. Please get your facts right.

Susie,

Normally we don't publish comments from someone who doesn't leave an e-mail address but in your case I will make an exception.

If you will carefully re-read the entry you will note that it was an "assumption". So to help us get "the facts straight"...

Are you Susie or Bob? The same "Bob" that has been spamming comments at Sunbelt and VitalSecurity.org...

Are you two related? Think carefully before you answer.

Internet impersonation has an impact on search engines. If the fake "PaperGhost" is active enough, his posts will show up when someone googles for, say, PaperGhost's opinions on a particular topic. I've already seen this attempted in the blogging world.

RinCe- An individual who assisted our team with a tip-off while investigating a rogue botnet involved in a massive credit card theft scheme whose owners later wound up in serious legal hotwater after the story broke. RinCe doesn't speak Russian to our knowledge. (More on that story later.)

more on what 0.0? RinCe- An individual who assisted our team with a tip-off while investigating a rogue botnet involved in a massive credit card theft scheme whose owners later wound up in serious legal hotwater after the story broke. RinCe doesn't speak Russian to our knowledge. (More on that story later.)

more on what 0.0? <- Real rince and no id ont speak russian!

blah just noticed post on ere im mentioned :o hows you guys? wat happend 2 them hax0rs? email me ;D

Leave a comment

About this Entry

This page contains a single entry by published on June 8, 2006 2:52 PM.

Official: 180Solutions and Hotbar Merge Become Zango was the previous entry in this blog.

The Mail Bag: Can People Hide Messages in Pictures? is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.