Potentially unwanted programs (PUPs) are on the rise. According to recent Emsisoft research, they now comprise almost 75% of total malware infections.
Webopedia defines PUPs as “unwanted programs such as Trojans, toolbars, spyware and adware, along with other malware which may compromise your privacy.” Once sneaked onto a computer, PUPs make money with one or more forms of browser hijacking: pop-up ads; sales or monetization of search data and browser behavior; and redirecting the user’s homepage or new tab page.
Research has shown that seven of eight free antivirus programs bundle PUPs at installation. Though users could read the small print and not rush through installations quickly, antivirus vendors are clearly using misleading tactics to install PUPs in exchange for quick cash.
PUP creators pay other software vendors up to $2 an install if they include their PUP in the installation path. Many software vendors have hundreds of thousands of downloads a week, so you can do the math on how much money can be made.
But when antivirus programs spread what they’re supposed to protect users against, the image of the antivirus industry and freeware as a whole is at risk.
Moreover, the misleading way that antivirus programs bundle other software crosses a line: multiple PUPs; ‘white-labeled’, aggressive versions of the Ask toolbar; little or no disclosure of what’s installed; and opt-out installs by default. The fact that no vendor uses opt-in methods indicates that not many users would actively choose to install these programs.
One can argue that PUPs enable freeware vendors to make a profit and that there is no such thing as a free lunch – but my perception is that it’s done in a misleading way to trick unaware users. Users should be given full disclosure about what changes are made on their computer and what will be done with their data so that they can make a conscious choice whether or not to download a free antivirus program with PUPs.
“When antivirus programs spread what they’re supposed to protect against, the image of the antivirus industry and freeware as a whole is at risk”
For example, one of the larger free antivirus vendors offers white-labeled versions of the Ask toolbar and, by installing, users comply with the following small print of that PUP:
“The search functions our program provides are provided by APN, LLC (Ask.com). If you start a search query via the search functions, Ask.com records certain information and displays the search results. For example, Ask.com determines your IP address, the source of your search, your browser and platform type and your language settings. Ask.com can forward this information to third-party content providers and sponsored links. For more information and to see Ask.com’s privacy policy, please click here.”
Most likely, not many people would volunteer to share their online data or browsing behavior with third parties in this way. But it is unlikely that users would even notice the privacy policy of this PUP, since it came disguised as a white-labeled toolbar from the antivirus vendor, buried in the terms and conditions.
This is just one example of how antivirus vendors will use any possible way to increase the spread of these unwanted programs in exchange for quick cash. If we don’t collectively put a halt to this, it will be hard for ethical freeware vendors to compete against the ones who make millions in pay-per-install revenue.
It will be the end of clean freeware programs, and only the beginning of an antivirus industry in which ethics have shifted and where multiple parties, for monetary reasons, try to keep quiet that they’re not protecting against, but are in fact spreading, PUPs.
About the Author
Christian Mairoll is the CEO and founder of internet security company Emsisoft. Christian’s specialties include behavior-based malware analysis and cybersecurity. Realizing his vision for an entire virtual company, his company’s mission is to make the most powerful yet lightweight protection software in the way that’s easiest for everyone.