Core Viewpoint - The report by Huorong Security Lab reveals a large-scale promotion scheme involving multiple companies, including Chengdu Qilu Technology Co., Ltd. (operator of LuDaShi), which employs covert methods to hijack user traffic and silently install software while implementing targeted "anti-detection" strategies [1][3]. Group 1: Companies Involved - Chengdu Qilu Technology Co., Ltd. is identified as the operator of LuDaShi, which is part of a broader network of companies engaged in traffic hijacking [1][3]. - Other companies listed in the report include Chengdu Hechang Junwei Technology Co., Ltd., Shanghai JiuLie Network Technology Co., Ltd., and several others, each associated with specific software products [2]. Group 2: Promotion Tactics - The report details various promotional tactics used by these companies, such as browser pop-up ads for games, silent installation of third-party software without user consent, and manipulation of web links to earn commissions [3][5]. - A notable tactic includes the dynamic control of software promotion through cloud-based configuration commands, allowing for targeted advertising based on user location and behavior [3][5]. Group 3: Evasion Strategies - The software employs complex "hide-and-seek" strategies to evade detection, including geographic targeting based on user IP addresses and halting promotions if technical analysis tools are detected on the user's device [5][6]. - The report highlights specific detection logic within LuDaShi's promotion module that prevents advertising if the user has visited certain complaint-related websites or social media pages associated with 360's founder Zhou Hongyi [7][10]. Group 4: Response and Updates - On the same day the report was released, LuDaShi pushed two software updates, which vaguely mentioned "bug fixes" and "enhanced user experience," without addressing the allegations of traffic hijacking [10]. - As of the report's publication, LuDaShi has not publicly responded to the specific accusations made in the Huorong Security report [10].

Core Viewpoint - The article discusses the resurgence of concerns regarding "rogue software" in the Chinese PC ecosystem, particularly focusing on the security software "Ludashi" and its alleged deceptive practices in promoting third-party software and manipulating web traffic for profit [1][2]. Group 1: Allegations Against Ludashi - A recent report by Huorong identified nearly 30 domestic software programs, including Ludashi, as engaging in traffic hijacking and malicious promotion [1]. - The report claims that Ludashi uses fake close buttons to trick users into downloading unwanted software and inserts rebate parameters into legitimate links, allowing it to siphon off commissions from user searches without their consent [6][8]. - Ludashi's parent company, Chengdu Qilu Technology Co., Ltd., has seen a decline in user engagement and revenue, leading to a reliance on advertising for income, which now constitutes 99.9% of its revenue [14][15]. Group 2: Technical Mechanisms of Promotion - The report outlines various promotional tactics employed by the implicated software, including malicious promotion through deceptive user interactions and web link manipulation [4][6]. - A cloud control configuration module was identified as a key component in executing these promotional strategies, allowing for real-time adjustments based on user behavior [8][9]. - The software reportedly employs sophisticated evasion tactics, such as monitoring user browsing history to avoid targeting technically savvy individuals [9][10]. Group 3: Industry Context and Legal Challenges - The article highlights the broader issue of "rogue software" in the PC industry, which has persisted for over a decade, with users often facing difficulties in seeking redress due to high costs and lack of clear evidence [2][17]. - Legal experts note that while there are laws against deceptive practices, enforcement remains challenging due to the technical nature of these software behaviors and the difficulty in gathering evidence [18][19]. - The article suggests that regulatory measures need to be strengthened to deter such practices and encourage software companies to adopt legitimate business models [20].

Core Viewpoint - The report by Huorong highlights the presence of "rogue software" in the domestic PC ecosystem, particularly focusing on the well-known software Lu Da Shi, which is accused of deceptive advertising practices and traffic hijacking [2][3][10]. Group 1: Allegations Against Lu Da Shi - The report identifies Lu Da Shi as engaging in misleading practices, such as setting fake close buttons to trick users into downloading third-party software [2][4]. - Lu Da Shi is also accused of inserting rebate parameters into links on platforms like JD.com and Baidu, allowing the software to earn commissions without user consent [5][9]. - The software's operations are said to be controlled by a cloud-based configuration system, which allows for real-time adjustments to promotional strategies based on user behavior [5][6]. Group 2: Industry Context and Impact - The report indicates that Lu Da Shi, once a leading system evaluation software with a market share of nearly 99%, has seen a decline in user engagement and revenue due to changing market dynamics and regulatory challenges [10][11]. - The company's revenue heavily relies on online traffic monetization, with 99.9% of its income coming from this source, particularly from advertising, which has surged by 153% despite a general downturn in the advertising industry [11]. - The report suggests that the software's reliance on gray income models is a response to the challenges of finding stable monetization avenues in a competitive market [10][11]. Group 3: Regulatory and Legal Challenges - The report discusses the historical context of "rogue software" in China, noting previous attempts to combat it through collective lawsuits and the formation of advocacy groups, which have had limited success [12][13]. - Legal experts highlight the difficulties in defining and prosecuting "rogue software," as it often operates in a gray area between legitimate software and malware, complicating enforcement efforts [12][14]. - Recent regulations have begun to clarify the boundaries of acceptable advertising practices, but enforcement remains challenging due to the technical sophistication of these software programs [13][14].

Core Viewpoint - The article highlights the malicious practices of the software "鲁大师" (LudaShi), which has been identified as part of a larger "cloud control promotion black industry chain" that exploits users without their knowledge [1][2]. Group 1: Malicious Activities - "鲁大师" utilizes remote cloud control technology to perform unauthorized actions such as displaying pop-up ads, silently installing third-party software, and altering shopping links to capture commissions [2][3]. - The software engages in traffic hijacking by modifying web links when users visit platforms like JD.com, inserting its own promotional parameters to claim commissions that should belong to the user [3]. - It employs deceptive tactics such as displaying a fake search box to lure users into clicking for monetization [4]. Group 2: Targeted Exploitation - "鲁大师" customizes its promotional tactics based on user profiles, including geographical location and the presence of antivirus software, often targeting less tech-savvy users while avoiding those who may recognize its tactics [7]. - The software monitors users' browser history to identify those who have searched for terms related to hijacking or malicious software, ceasing promotions for these users to evade detection [9][10]. Group 3: Evasion Techniques - The report details various evasion techniques employed by "鲁大师" to avoid scrutiny, such as detecting whether users have visited complaint websites or installed technical software, and adjusting its promotional behavior accordingly [10]. - The software uses data encryption, code obfuscation, and dynamic loading to hinder security analysis and obscure its harmful practices from users [10]. Group 4: User Experience and Functionality - Users have reported numerous "rogue" behaviors from "鲁大师," including frequent pop-up ads and forced changes to browser settings, which diminish the overall user experience [13]. - Many originally free features have been restricted to paid memberships, with claims that performance optimization tools provide limited actual benefits [17][20]. - Proper uninstallation of "鲁大师" requires specialized tools to remove associated components thoroughly, indicating potential residual issues post-uninstallation [20].