Here is their statement from their website.

News Update (2005-08-09):

As you may have heard, there is a new spyware identity theft ring out there:

For some obscure reason, they keep claiming that it has something to do with coolwebsearch. It does not. We urge anyone who has any evidence on this actually being linked to us to come forward and let us know. If one of these people is actually working for us, we will contact the FBI and release his information immediately. In addition we will of course close his account and withhold his or her payment for violation of our rules, as we have done with all the so called “hijackers”.

Our lawyers are currently thinking of suing yahoo and all the other places who posted this article with “CoolWebSearch” in it as the name of the so called exploit for slander. Please get your facts straight before doing these things.

For reference purposes, this is how you find out whether or not a site is related to coolwebsearch: you click a link and you track where the redirections go. If it goes through the CWS ip, which is currently, or the domain then it’s CWS, otherwise, IT’S NOT! There are dozens of hijacker outlets out there, and they are all called “CoolWebSearch” by those who do not bother to check their facts before posting articles on news sites.


Please. Sunbelt has never said this keylogger was coming from CWS.  We said exactly the following: “This keylogger is not  CoolWebSearch.  It was discovered during a CoolWebSearch (CWS) infestation, but it actually is its own sophisticated criminal little trojan that’s independent of CWS.”

Alex Eckelberry


Get your free 30-day GFI LanGuard trial

Get immediate results. Identify where you’re vulnerable with your first scan on your first day of a 30-day trial. Take the necessary steps to fix all issues.