*** Welcome to piglix ***

Christopher Boyd

Christopher Boyd
Other names Paperghost
Occupation Computer Security Researcher
Known for Computer Security

Christopher Boyd, also known by his online pseudonym Paperghost, is a computer security researcher.

Boyd was Director of Malware Research for security company FaceTime, before becoming a Senior Threat Researcher at Sunbelt Software (later known as GFI Software). In December 2013 Malwarebytes announced Boyd had joined their Malware Intelligence team to research new threats.

In July 2004, Boyd launched Vitalsecurity.org, a website bringing to the public attention issues of privacy and spyware.

In November 2004, a modular hacking technique was employed to compromise Windows end-users by hacking Apache servers. When hacked, the servers would redirect a user on any of the server's websites, leading them to a set of ever-changing infection pages. These pages employed recoded viruses, trojans, malware and spyware. This technique is used heavily today by the groups behind the spyware CoolWebSearch (CWS).

The idea that alternative browsers such as Opera and Firefox could somehow enhance end-user security was cut down in March 2005 with the discovery of a Java applet that, if agreed to, would install a large (and varied) adware bundle onto the end-user's PC. It was found that having the "rogue" site in the user's blocklists and security tools would do nothing, the install bypassing these tactics completely if the end-user clicked "Yes". An updated Firefox .XPI installer (which infected Internet Explorer) was also deployed in some of these installs.

In June 2005, it was discovered that more and more Adware makers were turning to alternative sources for their installs, as more end-users become aware of the more common install tactics. A reliance on crude social engineering and P2P systems that were previously clean was now on the rise. Boyd discovered that forums and file-sharing sites were used as a major source of distribution for Aurora (a program produced by Direct Revenue) and a number of other major adware programs, wrapped up in bundles produced by Metrix Marketing Group (MMG), a company who lost control of their own network. Potentially copyright infringing files, illegal pornography and incorrect / absent disclosure was exposed on such a scale as to cause the companies involved (Direct Revenue, 180solutions and others) to publicly declare their discontinuation of these methods.


...
Wikipedia

...