Adware

What is adware and is it malicious?

Adware is usually associated with a pop-up or pop-under advertisements but can also secondarily perform other free services. The problem with most adware tools is the hidden intent or behaviors, including an unauthorized install. Adware is often delivered courtesy a third-party agreement to help offset the developmental cost of freeware. The act of spying on surfing habits as well as collecting and transmitting personal data to a remote server blurs security lines, raising a red flag and questioning the true intent.

Many computer users continue to be seduced by the thought of getting something for nothing, which is why adware is often bundled with freeware downloads. While adware tools can be annoying, not all are dangerous.

Toolbars can be exceptionally tricky since the install can reverse browser settings or control web requests. For example, Zango Toolbar is known to spy and report surfing habits, helping to customize advertisements being delivered to the victim’s PC. The assault of pop-up advertisements could annoy the PC user and spoil his or her Internet experience. Browser helper objects may also reroute traffic requests to unwanted URLs as follows:

• Route to arbitrary search engines to encourage click fraud and earn a hacker undue pay-per-click residuals.
• Route to malicious websites promoting the sale of a rogue security program that simulates a security breach by displaying fake alerts, scans, and reporting in hopes of scaring the victim into buying fraudulent software.
• Route to compromised websites housing a Trojan downloader that is able to automatically download malicious programs without further aid.

While adware is free, it doesn’t always come without hidden costs, especially those that fight removal attempts using normal methods, i.e. Windows uninstall. Any program that self loads and fights removal is without a doubt malicious and should be aggressively removed immediately using stealth mechanisms and tools.

Some adware tools are just malware in disguise. They not only spy on your web habits, but collect key data off of your system that can help a hacker steal your identity. An opened port connected to the wrong IP address can spell BIG trouble. A malicious program could be downloaded, including a backdoor that gives a hacker remote access. If you have not restricted access rights and are logged on as an administrator, a hacker could then assume such authority and do any and everything you can. Your system may be added to a botnet and partake in a DNS strike against fundamental, government, or industrial websites. System resources may also be used to spread spam to your family and friends or mine bitcoins, an underground currency that buries criminal purchases or activities from the government and other prying eyes.

Some adware tools are infused with obfuscation tricks that make it hard to remove manually and in those cases, you will need to use an anti-rootkit antimalware solution to wipe clean your system. Otherwise, the silent attack will continue and ultimately you will face either the explosion of a rogue security program or the blue screen of death, due to an overload of system resources.

Adware Characteristics

Online advertising has been around since the dawn of the Internet. Most of us remember the cliché scam ads from the early 2000’s – “Congratulations! You are the 999,999,999th visitor of this website! Click here to claim your prize!”. It’s safe to say that the methods of advertising online have greatly evolved since. One such method is adware. It commonly appears as pop-up windows but it often comes in the form of banners or pop-under windows. The purpose of such software is to provide ads for the user, while they are browsing. This is achieved by the app downloading the advertisement images and text from the advertiser’s FTP servers and placing them in the browser. Adware is also known to redirect users to websites of its choice, namely advertising pages. Furthermore, such programs could also collect information from the browsing habits of the user with the end goal of providing more relevant ads. The type of data such programs may collect could be:

• Most frequently visited web pages.
• The type of browser used and the operating system itself.
• The user’s IP address.

One of the trickiest characteristics of adware is that it often remains undetected by installing itself behind the user’s back. This way the application avoids being recognized as unwanted and subsequently removed. Additionally, the fact that the user is unaware that the ads appearing in their browser are generated by a program gives the ads more credibility.

Is Adware Malicious?

In its essence, the purpose of adware is to supply the user with unwanted ads. The fact that most adware doesn’t notify the user when it’s being installed on their computer is already a red flag. If the program displays trojan-like features, namely collecting data about the user’s browsing habits without notifying them, it’s easy to conclude that it’s a malicious application. However, if that’s not the case adware still cannot be considered ‘legitimate’. It falls in the so-called ‘grayware’ area.

How Did Adware End Up On My Computer?

Adware usually finds its way into one’s computer via one of two common routes:

1. Visiting corrupted websites may result in adware stealthily being installed on your system by exploiting browser vulnerabilities or other vulnerable software.
2. Downloading free software hides many threats. Free applications often happen to be bundled with potentially unwanted software such as different kinds of adware. Examples of popular free tools which are likely to come as a package deal with adware are:
   • Conduit Search/Toolbar
   • Price Chop
   • InstallCore
3. Downloading falsely advertised applications. Adware creators often ‘mask’ the true nature of their products by passing them off as supposedly useful software. An example would be apps that are meant to enhance the user’s browsing experience but instead are nothing more but adware. Ironically, instead of improving the browsing experience, as they claim, often the opposite is the case. Not only would you be spammed with ads but this type of software could slow down your system, as it is constantly generating advertising text and images, thus using up your data and clogging the other processes too.

Even though adware isn’t officially classified as malware, it’s capable of causing you significant headaches. If detected, it’s strongly advisable that you take immediate actions and remove the adware from your system using a legitimate security suite.