Is Micro Bill Systems legit or Ransomware
There has been a lot of discussion lately about the tactics of Micro Bill Systems. Is their software legit or does it hold your PC hostage and use scare tactics to bully you into paying for access to their (adult) sites?
From their "Terms and Conditions"
12.5 If You choose to ignore the payment reminders and do not pay the Membership Fee, You hereby understand and acknowledge that the prompt reminders may become more frequent and that You may lose the ability to use Your computer until You have submitted payment. The payment reminders will be active while your computer is online or offline. [emphasis mine]
Wow! talk about hijacking your machine ... I wonder if that is even enforceable?
A Micro Billing spokesman stated: The software that has been described on this forum can ONLY be downloaded from visiting one of our clients sites. Our software is not spyware nor is it embedded as a trojan. [emphasis mine]
Well let's see what VirusTotal has to say about their download (MBSAuthenticate_19.exe)
Looks to me like quite a few of the major Antivirus vendors disagree ... however a few of the vendors have changed their detection description lately. Why? seems MBS has threatened legal action ...
But what about those who enlist antivirus software to remove the MBS product? MBS says it is considering legal action against Jacques Erasmus of Prevx, following comments he made previously in the Guardian about the company; it wants to stop Prevx's product from removing its software. Symantec - which sells the Norton security products - has already agreed to such demands. [link here]
"We are taking legal action against a number of companies that promote their software as being able to remove our software," Bateup says. "Their actions constitute an offence since they are inducing consumers to breach their contracts with us. We are taking legal action against all companies that list our software as malware or spyware.
Symantec changed their detection (13 February 2007) from "Adware" to "SecurityRisk.SexxPass"
"SecurityRisk.SexxPass is a security risk that adds certain domains to the trusted sites list in Internet Explorer. This means that downloads can occur automatically without explicit user consent."
Funny I saw no mention of "adds certain domains to the trusted sites" in their Terms. Appears Prevx dropped their detection completely? ... Looks to me like MBS picked the smallest company to threaten ... I doubt Kaspersky will change theirs (Trojan.Win32.Agent.afi)
Now I found no evidence of their sites auto-installing the software, but the tactics are highly questionable. I seriously doubt their "Terms & Conditions" would hold up in court here in the US, but it seems just the costs of a legal battle have caused a few of the vendors to change their detections ... very sad ...
In my opinion if the vendors software can not pass a VirusTotal scan, then they are a risk to the end-user.
How To: Remove Micro Bill Systems