Spyware.Apropos Maker ContextPlus Shuts Down

By Jimmy Daniels
Contributing Writer, RealTechNews

According to their website, ContextPlus, makers of Apropos and PeopleOnPage, has shut down, and, once again, it’s someone else’s fault. Those dang distribution partners get you every time. Posted on their site

Due to concerns over the practices of some of its distribution partners, ContextPlus has determined that it is no longer able to ensure the highest standards of quality and customer care and therefore is discontinuing further distribution of its software.

From eweek,

“This is one of the most notorious companies out there. They’re doing all kinds of nasty things on [hijacked] machines,” said the source, who requested anonymity because on the ongoing nature of the investigations.

“They’re using a very sophisticated kernel-mode rootkit that allows the program to hide files, directories, registry keys and processes,” F-Secure chief incident officer Mikko Hypponen said in a recent interview.

Beyond the stealthy rootkit techniques, ContextPlus has also reportedly used several tricks to avoid desktop security applications: Security researchers say the company has used polymorphic wrappers that constantly changes the appearance of the spyware file so that every time a user downloads the Apropos program from ContextPlus servers, it looks totally different.

The tactic allows the downloading server to regenerate a new program for every single download, making it near impossible for regular security scanners to find the program on infected machines.

We Say: Begin sarcasm: They’ll be missed. end sarcasm.