by CIO Staff

Security Gurus Watch Reappearance of ‘Yapbrowser’

May 31, 20063 mins
IT Strategy

A Web browser originating in Russia is available for download again after it was taken down last month when security analysts found it directed users to child pornography.

The Yapbrowser instantly raised concern when it was noticed in April, said Chris Boyd, security research manager for FaceTime Communications. Typing any search or URL into the browser led users to websites containing child pornography.

Under pressure from security researchers, the software’s creators took the browser offline about a month ago. But the Yapbrowser has now appeared on a new download site, according to a security blog run by FaceTime.

Security researchers say it falls into the category of rogue browsers, which take users to ads or other content that they don’t ask to see. It was originally hosted on a server in Russia that also hosted “hijack” sites, such as search engines that flood computers with adware, Boyd said. Users were lured to the site through unsolicited e-mail.

The new version of the Yapbrowser doesn’t work properly, throwing up a 404 error page when a URL is entered, according to Boyd.

“We’ll be keeping an eye on it just to see what happens,” Boyd said. “For the moment they’ve relaunched, but it doesn’t actually function, which seems a bit pointless.”

Security researchers advised users to not download the browser, despite tortured English claims on the site that say, “Your computer will be free from viruses breeding online.”

The Yapbrowser at one time was also bundled with Zango, software from 180solutions that delivers ads based on searches. 180solutions has come under frequent fire for promoting programs that installed unwanted adware and spyware with little or no user consent.

Adware, the term for software that delivers advertisements, and spyware programs, which can record what websites a person visits and send the information to a marketer, can slow down computers and be difficult to remove.

180solutions was the target of a complaint filed earlier this year with the U.S. Federal Trade Commission by the Center for Democracy and Technology (CDT), a Washington, D.C., nonprofit group. The CDT alleged the company used deceptive practices to get users to download software.

Its ties to Yapbrowser were apparently severed after public attention around the Yapbrowser, Boyd said. Boyd and other security analysts corresponded with Yapbrowser’s Russian creators, who eventually withdrew the product, saying they were “shocked” by the content it fetched.

-Jeremy Kirk, IDG News Service

Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.