StopBadware Media Highlights

StopBadware Media Highlights

Four of Internet's Biggest Ad Sellers Join in Ads Integrity Alliance

6/14/2012, Marketing Land

"A few months ago, folks at some of the Internet's biggest ad sellers—AOL, Google, Facebook, and Twitter—began talking about collaborating to fight this universal problem. The result is the Ads Integrity Alliance, an industry initiative launching today under the aegis of non-profit StopBadware."

Qualys' Courtot backs Trustworthy Internet Movement

3/1/2012, Dark Reading

"The idea, [Courtot] said, is to put the fast movers in security innovation together in a collaborative force that will allow them to circumvent some of the more staid machinery of security progress....[Courtot] cited the nonprofit StopBadware as both a model organization and a participant in his initiative."

Would you know if your site's been hacked?

2/23/3012, IT Business Edge

"StopBadware and Commtouch published a joint report titled "Compromised Websites: An Owner's Perspective" that looks at webmasters and their experience with hacked sites. Bottom line: Most of us have no clue if our site has been the victim of an attack."

How to protect your company's data

1/25/2012 The Business Journals: Technology

"The problem is that business owners typically have a false sense of security....This is particularly true of small and mid-sized businesses, says Maxim Weinstein, executive director of StopBadware."

Readers and Experts Weigh In on a Site Owner vs. Google

1/6/2012, New York Times Technology

"Malware may be the digital equivalent of bedbugs: suddenly ubiquitous, hard to treat and a real menace for those infested."

Facebook Tightens Security with New Tools

10/27/2011, MIT Technology Review

"'Facebook seems to be introducing some sensible new controls; time will tell whether they are effective and strike the right balance,' says Maxim Weinstein, director of StopBadware." 

Best Practices for Reporting Malicious URLs

10/10/2011, Sophos Naked Security

"I am pleased to have been involved in a great initiative over the last few months, coordinated by the folks at StopBadware. They put together a working group in order to thrash out a process for reporting malicious URLs. I am happy to say that a few days ago the final version of Best Practices for Reporting Badware URLs was published." 

ISP Backlash Over Feds' Bot Notification Initiative

10/5/2011, Dark Reading

"Maxim Weinstein, president and executive director for StopBadware, says the ISP's role in combating botnets is critical. 'The ISP is the only player in the ecosystem that has the knowledge of what the customers is that is attached to a particular IP address, and that has a relationship with that person. That is really important in the case of bots,' Weinstein says." 

Q&A: Maxim Weinstein on StopBadware's New Web Host Program

8/22/2011, Web Host Industry Review

"MW: We believe this is a great opportunity for hosting providers. The only cost for them is implementing procedures that, frankly, they should (and might) already have in place. Meanwhile, participating providers can distinguish themselves in a crowded market by showing their commitment to being good Internet citizens."

New cyberattacks target small businesses

7/4/2011, USA Today

"Many business owners don't realize about how intently profit-minded hackers are striving to wrest control of their websites to run scams, says Maxim Weinstein, executive director of the non-profit StopBadware...'A sophisticated and evolved criminal underground is constantly trying to avoid being detected while spreading their malware ever more effectively,' says Weinstein."

StopBadware Releases ‘State of Badware’ Report

6/8/2011, Dark Reading

“StopBadware’s report identifies key areas for improvement and cites ‘an opportunity for policymakers and industry players’ to create new and more centralized methods of measuring and responding to the badware threat.”

A Royal Wedding Scam

4/29/2011, Technology Review

“This particular scam has defied all industry efforts to defeat it in the past several years….Indeed, StopBadware’s analysis today found that most security products could not detect this attack.”

Group outlines web host’s role in fighting malware

3/16/2011, SC Magazine

“Web hosting providers can limit the spread of malware by quickly responding to reports of compromised sites, informing customers and, in some cases, mitigating and resolving the issues, according to a new set of best practices released by StopBadware.”

StopBadware Creates Guidelines for Web Hosts in Addressing Malware Reports

3/15/2011, Web Host Industry Review

“Non-profit security organization StopBadware announced on Tuesday it has released ‘Best Practices for Web Hosting Providers: Responding to Malware Reports,’ offering guidelines for hosting providers on addressing reports of malware on their networks.”

StopBadware Spins Off From Harvard U. to Be a Standalone Nonprofit Group

1/28/2010, The Chronicle of Higher Education

“Maxim Weinstein, the executive director of StopBadware, explained that in the years since its conception, StopBadware evolved from an academic experiment to something that was more characteristic of a nonprofit organization.”

IT security Reboot 2009: Honoring the year’s information security luminaries

12/1/2009, SC Magazine

“Going forward, StopBadware will play even more of a role as the hub of communication and collaboration among organizations committed to fighting badware. Weinstein, part technologist, part educator, appears to be the right man for the job.”, the place to appeal a Google malware warning

2/2/2009, CNET News

“In addition to offering a second opinion to aggrieved Web sites, works on developing new approaches to addressing malware and offers the forum where Web site owners can exchange information.”

As Threats Grow, Crowdsourcing Could Be The Future Of Network Security


“ is negotiating with several security firms to act as an independent data analysis tool point: Proprietary information will be analyzed across several firms’ data sets, and then the final results will be released without any companies’ carefully guarded “blacklist” of malware sites being released."

Report – Majority of World’s Malware Originates in China

6/25/2008, Ars Technica

“It’s possible for a network to shift position on the organization’s list in just one year. After iPowerWeb was identified last year as the owner of the most-infected network block, the company worked closely with both Google and StopBadware to improve the situation. As a result, it’s no longer listed among even the top 250 infected networks.”

Report: China Hosts Most Malware-Infected Sites: report shines new light on where the world’s malware-ridden sites reside

6/24/2008, Dark Reading

“StopBadware’s new report is a major departure from its report a year ago, when the U.S. was the main culprit for hosting malware-infested Websites. “At the time, China was not nearly as large a factor. Of the top five network blocks [in 2007], four were U.S.-based,” Weinstein says."

Apple does about-face, fixes Safari’s ‘carpet bomb’ bug

6/19/2008, Computerworld

“The anti-malware group chided Apple for the decision, and asked the Cupertino, Calif., company to reconsider. It appears that Apple did just that. Safari 3.1.2 now notifies the user before downloading a file, said Apple in the advisory that accompanied today’s fixes.”

FTC wants to hit the spyware guys where it hurts

6/13/2008, The Register

“ has changed its badware guidelines multiple times in just two and a half years, due to ongoing changes in technology and badware practices, as well as an ongoing desire to make sure that we’re ‘getting it right’,” Weinstein wrote. “If legislation defines spyware specifically, what happens when a new piece of spyware falls outside that definition?”

Does RealPlayer Deserve ‘Badware’ Label?

2/21/2008, E-Week

“The Google-backed group has explained the thinking behind its decision to slap the ‘badware’ label on two versions of RealNetworks’ RealPlayer software, insisting there are serious problems with the installation process and behavior of the products.”

RealPlayer Labeled Malware

1/31/2008, Washington Post

“An industry-academia group designed to raise public awareness about software that violates fair information and privacy practices has labeled recent versions of RealPlayer video streaming software as ‘badware,’ charging that the software surreptitiously installs pop-up ad serving software as well as the Rhapsody media player engine. issued an alert about two software titles from RealNetworks – RealPlayer 10.5 and RealPlayer 11, saying each violated the group’s badware guidelines.”

When Web Apps Attack

1/4/2008, Cnet

“Wysopal cites information from StopBadware, Harvard University. ‘They’ve been studying where all this malicious software is coming from, and they found that they’re not coming from porn sites or gambling sites or these places where you think the people operating the sites are shady characters. They’re coming from just any old site…’”

Many Evils Lurk in Corners of the Internet

10/10/2007, Ars Technica

“A recent report (PDF) from called ‘Trends in Badware 2007: What Internet Users Need to Know,’ stresses the importance of being careful where you click… The report touches on a theme that we’ve hammered away on for some time: that out-of date software is one of the biggest threats to users.

BadWare Hunters Tame Wild Webmasters, Hosts. The Stop Badware team targets, defeats some malware distributors and zombie recruiters

9/16/2007, PCWorld

“StopBadware’s list of hosting companies responsible for supporting the largest number of malware sites resulted in at least one leading culprit – iPower Technologies – changing its ways, while two others have disappeared completely.”

Does Trillian Have a Crapware Problem?

6/19/2007, ZDNet

“ researcher Liana Leahy has taken Cerulean Studios to task for bundling two third-party applications into the popular free Trillian IM client, arguing that users who are not careful during the Trillian installation process could end up with a crapware problem.”

Criminals Hijack Large Web Hosting Firm

5/25/2007, Schneier on Security

“IPOWER said the site hacks ‘came from a compromised server hosted by another company that was listed on the Web site. This impacted a higher percentage of accounts on each of these legacy third-party control panel systems.’”

Google Sharpens Malware Alerts for Webmasters

2/27/2007, PC World

“Google flags Web sites according to guidelines set by The Stop Badware Coalition. Webmasters who feel their sites have been incorrectly flagged as having malware need to contact the coalition and request a review.”

Groups Target Another Spyware Operator

12/6/2006, Internet News

“Palfrey added StopBadware, and CDT decided to target with an FTC complaint because ‘they’ve combined so many things in a single bundle. It’s a parade of horribles.’”

AOL 9.0 Slapped with Badware Label

8/28/2006, E-Week

“During the installation process the user is never clearly notified that AOL will be installing these programs. The inclusion of two of these programs—QuickTime and Viewpoint Media Player—is mentioned on a page entitledAOL Software. However, to reach the AOL Software page, the user must click on AOLs Privacy Policy (which is linked to from the third pre-installation screen), and then locate and click on the second use of the word software on that page,” the report said.

Beware of ‘Badware’: Academic organizations’ watchlist spotlights four examples of malicious software

5/26/2006, Internet News

“This is one of the trends we’re seeing now; malicious software posing as good ‘helper’ software,” said Christina Olson, the project manager at “So products that claim to be anti-spyware are in fact spyware.”

Spyware Trail Leads to Kazaa, Big Advertisers

3/21/2006, E-Week

“Google-funded anti-spyware coalition releases its inaugural report to coincide with a study on how big-name advertisers are helping fund the virulent spread of unwanted software.The coalition, funded by Google, has listed the Kazaa file-sharing application at the top of a list of noxious software programs that present a threat to business and consumer users.”

Internet Coalition Sets Up Anti-‘Badware’ Site

1/26/2006, Washington Post

“A group including Google Inc. and institutes at Harvard and Oxford universities plans to unveil a campaign today against spyware and other malicious computer programs that can steal personal information, snoop on your Web surfing and bombard you with pop-up ads.”

Google, Sun Backing New Anti-Malware Effort: Harvard, Oxford researchers aim to create Internet defensive strategies geared to consumers

1/26/2006, Technology Review

“[Cerf] added that ‘by cataloging as many of the known bad software cases and their means of infection, we may be able to assist operators and programmers to filter, inhibit, or even eliminate such software in a more automatic fashion.’”

Free website to list programs with spyware

1/26/2006, USAToday

“The coalition is encouraging consumers to visit the website to log their experiences with harmful programs. It will then use that information to compile reports on suspect programs, websites and companies that foist the software on consumers without getting their consent.”

Anti-spyware project helps users

1/25/2006, BBC

“Although the numbers of computer viruses are growing every day, many makers of malicious programs have started putting their energy into creating so-called spyware and adware programs. Some of these nuisances sneak on to PCs by exploiting loopholes in Microsoft Windows but many are simply bundled in with other programs that users do want to install. Also some unscrupulous companies produce fake programs that claim to help users get rid of spyware or block spam but which make sure they receive only ads and spam from the software maker’s partners. The project aims to make clear what users will get when they download and install software.”