Ex-Adware Designer Explains How Adware Works, Vulnerabilities in Internet Explorer

February 9, 2009

Sherri Davidoff of philosecurity.org posted an enlightening interview with Matt Knox who was previously employed writing adware for Direct Revenue.

A few highlights:

The good distributors would say, ‘This is ad-supported software.” Not-so-good distributors actually did distribute through Windows exploits. Also, some adware distributors would sell access. In their licensing terms, the EULA people agree to, they would say “in addition, we get to install any other software we feel like putting
on.” Of course, nobody reads EULAs, so a lot of people agreed to that. If they had, say, 4 million machines, which was a pretty good sized adware network, they would just go up to every other adware distributor and say “Hey! I’ve got 4 million machines. Do you want to pay 20 cents a machine? I’ll put you on all of them.” At the time there was basically no law around this. EULAs were recognized as contracts and all, so that’s pretty much how distribution happened.

Most adware targets Internet Explorer (IE) users because obviously they’re the biggest share of the market. In addition, they tend to be the less-savvy chunk of the market. If you’re using IE, then either you don’t care or you don’t know about all the vulnerabilities that IE has.

Sherri: In your professional opinion, how can people avoid adware?
Matt: Um, run UNIX.
Sherri: [laughs]
Matt: We did actually get the ad client working under Wine on Linux.
Sherri: That seems like a bit of a stretch!
Matt: That was a pretty limited market, I’d say.

Matt also goes into a lot of detail describing the different methods he employed to ensure that it was close to impossible to deactivate the adware once it was running.  Read all about it in the original article.  Thanks to Aaron Toponce and Bruce Schneier for pointing out this great interview.

The bottom line:  If you want to stay free of adware, don’t use Internet Explorer.  I’d recommend running Firefox in Ubuntu.

About these ads

One Response to “Ex-Adware Designer Explains How Adware Works, Vulnerabilities in Internet Explorer”


  1. […] Go to the author’s original blog: Ex-Adware Designer Explains How Adware Works, Vulnerabilities in … […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: