A research work conducted by the members of the Vietnamese hackers’ community (HVA) in cooperation with CMC InfoSec, has found out that some services and software pieces provided by Baidu in the Vietnamese market have illegally intervened the users’ computers.
TTPlayer, a software piece to listen to music, for example, has been listed by the researchers as adware, or the illegally advertised software which installs itself and illegally changes the home page for the advertisement purpose.
More importantly, during the installation of the software, an application called hao123.1.0.0.1097.exe would be automatically installed in the users’ computers.
The application plays the role of a trojan/downloader, which quietly “resides” on the victims’ computers and they can download any more parts, including the malware with the remote control. This means that TTPlayer and hao123 have opened a “backdoor” on the computers, which can download the components to harm the system any time when the computers have Internet connection. Especially, the computers’ owners do not know about the existence of the components.
If wanting to watch online films with ahphim.com, viewers would have to install HiPlayer software. However, when installing HiPlayer, users would get hao123 as well.
Security experts have pointed out that the behavior of installing software pieces illegally without the permission of users, and opening a backdoor on the system would be dangerous to users.
In this case, the computers of the victims would be easily controlled from a distance, while hackers would be able to easily steal data or turn them into zombies which would participate in the DDoS attacks.
Vo Do Thang, Director of Athena, an information technology and network security center, said that baidu.com.vn website requests users to provide detailed personal information and update information.
The request aims to collect updated information about Vietnamese people which could serve as the database for market survey firms. As such, Baidu would easily obtain valuable information about customers for commercial purpose – the information that other companies would have to pay high to get.
Besides, as the computers are installed with the software with the “backdoor,” Baidu would be able to count the points of Internet access in every locality and the number of computers accessing to Internet in the localities.
Thang has warned users against the installation of the apps allowing to watch films and listen to music from Baidu in order to avoid the possibility of getting controlled illegally. He has also advised users to install prestigious anti-virus software to alert the risks for their computers.
In case users accidentally installed the malicious software pieces, users should remove the installation, while installing specialized anti-spyware programs such as Spyware Terminator to eliminate the viruses left in the computers.
Vietnamese Internet users have expressed their anger about Baidu’s illegal intervention to users’ computers. On some forums, members have called on to boycott Baidu’s services. Vanthin76us believes that it would be better to remove all the apps of the project, calling on people to think carefully before installing any free apps to avoid the worst scenarios.
Vietnamese users have complained about Baidu’s services. Nguyen Hung complained that he can see Baidu’s service websites, hao123 logo on menu start bar and desktop any time when he turns on IE, and he cannot remove the logos.
Tran Thanh Hung said he had to set up his computer again three days ago, because he could not remove the malware which made the computer go slowly.
Source: Tien phong