In a world where ransomware, banking malware and corporate spyware have become the standard cyberattack, adware, browser hijackers and generally, unwanted programs are somehow sidelined. However, these invasive and persistent programs are still as damaging as they were a few years ago when there was a boom in such intrusions. How are things in 2016?
One might think that adware “infection” cases are easily solved and forgotten and that users are able to quickly clean up their systems. Still, this is not exactly your average adware situation. Just go to a random forum where users seek assistance in adware removal, and you will feel the despair and anxiety adware can cause.
This is the moment to clarify that adware is a broad term for a problem that can potentially cause further malware-related issues, Trojan and spyware components, etc. At the very least, adware means lots of (often impossible to close) pop-ups and windows, altered browser settings and browser redirects.
Certain programs are still circling the Web years after they were first introduced. Why is that? Two particular answers come to mind:
- Software and freeware bundlers – You install the program you wanted in the first place but also get a surprising “bonus.”
- Pay-per-install – Researchers have already referred to PPI as the new malware distribution network.
Commercial PPI and software bundling are indeed a very effective monetization scheme where third-party programs are bundled with legitimate software. Companies dedicated to the development and distribution of adware and PUPs have definitely made millions off of unwanted downloads and installations.
That being said, what are the adware programs still haunting users long after they were first introduced? The list is definitely longer, but the following programs deserve a closer look…
DNS Unlocker appeared in the fall of 2014. Back then, the program was known as Netflix DNS Unlocker, which also explains its high installation rates. Users were simply tricked by a luring promise to access otherwise inaccessible content. Interestingly, the Netflix logo is still found on the homepage of the adware along with other services DNS Unlocker promises to unlock.
After DNS Unlocker’s first release, there was a strong wave of affected users complaining in forums, where they shared their negative experience with the program and talked with one another to try to find a way to permanently delete the program.
Nonetheless, the fact that the download button was disabled didn’t end distribution. To escape legal issues, DNS Unlocker, like many other adware and PUPs, just switched to bundling.
In addition, DNS Unlocker has several iterations. The last DNS Unlocker version was 1.4.
Mindspark Inc., now known as IAC Applications
It’s difficult to outline the most nagging of all IAC Applications as there are too many. This company and their affiliate partners, which are usually mentioned in privacy policies and download agreements, prove how profitable the adware business really is.
Take GetFormsOnline(.)com, a tricky browser hijacker that attaches itself to a browser; changes the homepage, new tab page, and search engine; and adds a toolbar and a browser extension. Once this is done, the user may be redirected to potentially malicious websites that may cause malware infections.
As with DNS Unlocker, GetFormsOnline(.)com finds its way to a user’s machine through third-party installers and freeware bundlers. One way to avoid such an unwanted intrusion is by simply being more careful during the installation process of the initially wanted program. In some cases, going for the advanced or custom installation setup may save you the trouble of removing PUPs.
GetFormsOnline(.)com is a great example of what a company dedicated to ad-supported software can do to the average user. However, the number of applications developed by IAC is definitely beyond imaginable, and it’s definitely not the only company developing and delivering adware on users’ computers and mobile devices.
Hi(.)ru Browser Redirect
Hi(.)ru is an excellent example of your browser being affected by a PUP without your knowledge or consent. You become aware of the unwanted intrusion once your browser’s homepage is taken by hi(.)ru.
Hi(.)ru doesn’t look like a malicious page, and in fact, it may not be one. What’s troublesome about it is that it got into the system, covertly and silently, accompanied by a potentially unwanted app.
Users have been complaining about the redirect and its persistent nature for many months now. Apparently, it continues to circle around and take over browsers.
If you see this Russian website set as your homepage, make sure to remove hi(.)ru fully from your computer! You don’t want your personally identifiable information being collected by undisclosed third parties and affiliate partners, do you? Plus, this pesky homepage is an indication of something worse lurking in your system.
Adware, browser hijackers, browser redirects, PUPs… Is there an end to this horror story?
No, there isn’t. Despite its shady nature, ad-supported software has proven to be a great way to monetize platforms and jobs.
“Adware, or advertising-supported software, is any software package that automatically renders advertisements in order to generate revenue for its author.”
Just by having a look at its official definition is enough to conclude that adware is not going anywhere! In other words, the PUPs we described here may soon be replaced by others, or others may just be added on top of that “forever adware list.”
What’s left for us users is to constantly revise and adopt secure behaviors for when we’re online.
About the Author: Milena Dimitrova is an inspired writer for SensorsTechForum.com who enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malicious software, she strongly believes that passwords should be changed more often than opinions. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.