0 Members and 1 Guest are viewing this topic.
About StopBadwareOur work protects people and organizations from becoming victims of viruses, spyware, scareware, and other badware. StopBadware was formerly a nonprofit anti-malware organization based in Cambridge, Massachusetts. As of September 2015, the organization has been refashioned as a program housed within the Security Economics Lab at the University of Tulsa; both the Security Economics Lab and StopBadware are directed by Dr. Tyler Moore.StopBadware started as a project of the renowned Berkman Center for Internet & Society at Harvard University, and we spun off as an independent nonprofit organization in 2010. From our inception, we've been led and shaped by top thinkers in the fields of security and Internet policy.Historically, StopBadware was the only not-for-profit organization focused on protecting the public from badware websites. The open Internet is one of the world’s greatest resources.Badware poses a serious threat to the integrity of the Web and the security of the people who use it. StopBadware works with a powerful and growing network of collaborators to find new, systemic ways of addressing this threat and increasing security for everyone who values the Web as a platform for business, expression, and innovation.The StopBadware program: provides Internet users with important and timely information about badware helps website owners, particularly individuals and small businesses, protect their sites from badware; offers resources and community support to owners of compromised sites engages web hosts and other key service providers to help them effectively and transparently address badware websites within their zones of control encourages companies to proactively share data and knowledge with one another; leads collaborative information-sharing efforts that create greater security for all stakeholders conducts high-impact research on malicious websites, cybersecurity econometrics, and critical infrastructure, to name just a few What we do StopBadware fights badware by working to strengthen the entire Web ecosystem. Together with collaborators and industry leaders, we: Assist website owners Badware education: Site owners can use our tips and resources to learn how to identify, remove, and prevent badware on their websites. Creating a new website? Cleaning up an existing one? Learn how to prevent website badware, clean up common hacks, or protect your PC. Badware Website Clearinghouse: Our Clearinghouse allows people to see which URLs are on which blacklists at a given time. Search for your own site, or another you're interested in, to see if it's currently blacklisted or has been in the past. Independent review process: StopBadware performs independent reviews, upon request, of URLs blacklisted by our data providers. Our independent review process checks the accuracy and transparency of certain blacklists by allowing site owners to petition removal from these lists. Perform leading security research and facilitate data sharing Research: For years, StopBadware's in-house research team has analyzed data from our own programs and worked with external datasets and collaborators to illuminate topics like webserver compromise risk, factors affecting badware URL detection, malware reporting efficacy, and more. As part of the Tandy School at the University of Tulsa (as of September 2015), StopBadware intends to expand its research mission. Data sharing program: Companies with data to share can opt in to a data exchange program for badware URLs and relevant metadata. StopBadware serves as a trusted third party custodian of the data and uses the data to publish aggregated stats and to facilitate cleanup/takedown by Web hosts and other service providers. Learn more. Aggregated data and badware trends: Research tools, like our Top 50 Networks and Top 50 IP Addresses lists, highlight current concentrations of blacklisted URLs. We publish aggregated badware data to draw attention to trends that may require action on the part of network providers, and that reflect providers’ success in cleaning up their networks. Advocate for a safer web Publications and insight: StopBadware publishes and maintains a variety of guidelines, reports, and white papers. Notable publications include two sets of best practices that were developed to create common industry standards for reporting badware URLs and responding to reports. We also maintain guidelines for badware websites and applications. See our Publications section for a full list of documents we've produced.Ecosystem involvement: StopBadware participates in working groups, industry associations, and conferences, advocating for a collaborative, transparent approach to protecting users.Want to work with us? Let us know. What is badware? Badware is software that fundamentally disregards a user’s choice about how his or her computer or network connection will be used. Some badware is specifically designed for criminal, political, and/or mischievous purposes. These purposes might include: stealing bank account numbers, passwords, company secrets, or other confidential information tricking the user into buying something that he or she doesn't need sending junk email (spam), or sending premium text messages from a mobile device attacking other computers distributing more badwareThis type of badware is often referred to as malware. It includes viruses, Trojans, rootkits, botnets, spyware, scareware, and more.Some badware may not have malicious intentions, but still fails to put the user in control. Consider, for example, a browser toolbar that helps you shop online more effectively but does not mention that it will send a list of everything you buy online to the company that provides the toolbar. In this case, you are unable to make an informed decision about whether to install or use this software. Another example is when you install a piece of software, and that software installs additional software that you weren’t expecting. This can be especially troubling if the additional software does something you dislike or doesn’t uninstall when you remove the original software.At times, the line between deliberately malicious software and unintentionally bad software can blur. Software creators and distributors can, and should, stay away from this blurry line by using clear messaging and thoughtful product design to keep users in control of their computers and networks.Learn how to protect your PC. A badware website is a website that helps distribute badware, either intentionally or because it has been compromised. Many normal, legitimate websites are infected and turned into badware websites without the knowledge of their owners. Some badware websites infect your computer with badware using drive-by downloads. Drive-by downloads occur when a website automatically (and often silently) installs software as soon as you visit the site; no clicking is necessary. Typically this kind of attack takes advantage of a vulnerability or “hole” in your web browser, a browser plug-in, or other software on your computer.Social engineering attacks are also common ways for badware websites to distribute badware. These attacks take advantage of human nature by tricking people into installing badware. A popular trick shows a fake virus scan that indicates that your computer is infected and encourages you to download and/or purchase a tool to remove the infection. Another popular trick is offering to display a video that sounds interesting, but only after you install a plug-in or codec that is “required” to view the content.Read our Badware Guidelines for more details about what StopBadware defines as badware.Want to learn more about badware websites? We teamed up with the folks at BlueHost to make this fun video about website security basics. https://youtu.be/tqM3D83GBRE Has your website been infected with badware? Learn how to clean up.