As I've mentioned in a couple prior posts, I have a video on hand showing Ebates Moe Money Maker software installed through security holes. I am now releasing this video to the public. My video and write-up are at the following page:

[/i]Video: Ebates Installed through Security Holes[/i]

For those watching the video: After I get infected (first couple minutes), there's some dull material as I browse the new programs installed through security holes. Ebates' directory and files are shown in the final ten seconds of the video.

Comments welcomed.

I wonder: What will the networks do? Now there's clear proof that 1) Ebates sometimes is installed without notice and consent, and 2) Ebates sometimes violates network policies (CoC and Addendum) as to overwriting other affiliates' cookies. Will the networks look the other way? Grant time for correction? Or take decisive action to see that merchants don't pay ill-gotten commissions?

Feel free to cross-post to other forums as appropriate.


Ben

Ben,

While I did not watch the entire video, I can commiserate. I think this needs to be escalated to a top level with all the 'big 3 (4)'.

I have an inquiry into Wendy Solomon at Linkshare investigating this exact thing. I suggest we all speak with her!

My story:
For the past 6 months, I have had an affiliate relationship with a large player in the apparel business. The program was managed by Performics. My conversion rate was consistently 6 - 8%. the sales were tracked in realtime and there was no 'funny business'. The links that should have converted DID!

Similar merchants, selling similar merchandise at similar pricepoints, with similar complexity of shopping cart were also promoted on the same page on my site. However they were with Linkshare or CJ. The conversion rates with them was always LESS than 0.5%! Quite a difference!!! My suspicions were that either all those merchants (?--unlikely), Linkshare and CJ played monkee business, or their links were easily pirated! So I stopped promoting Linkshare and CJ merchants as much as before.

Last month the merchant with whom I was so successful switched over to Linkshare. Alas, not only is the tracking no longer realtime (so it is almost impossible to judge your ad performance), but the conversion has dropped to below 1%. Now my suspicions are CONFIRMED!! The fault lies with Linkshare and CJ and the ease with which their links are hijacked!

The merchant who switched did not change creative, nor did I move the links to a different position on my page, however the revenue decreased fivefold! The merchants that I continue to promote through Performics still return a conversion rate of 6% or more!

Chomp on that CJ and Linkshare!

Yes, watching the whole video can be dull. I recommend watching in fast-forward -- just click the fast-forward button at the bottom of the player, to advance at several times real-time. Or, once you get a sense of how the security hole is exploited, just skip right to the last 15 seconds, when Ebates is shown on screen.

Is there any better way than a video for documenting a security hole being exploited? Clearly it would be better if my video didn't include so much junk in the middle -- but when I was making the video, I didn't know this was going to be an important video I'd want to share with the public.

As to the scope of the problem: Yes, LinkShare and CJ merchants seem to be most affected. However, I've also seen plenty of rule-breaking targeting Performics and targeting independent merchants too. At present 180 seems to be targeting some independent merchants especially intensely, including using hidden windows again.

Ben:
Thanks for posting this information! I am sure our members will find it very interesting.