A team of researchers has hacked the working of software with the potential risk of malware — disguised as lucrative advertisements — opening computers and other devices to hijacking.
A team of researchers from Google and the New York University Tandon School of Engineering next week will offer the first public view into shady practices that deliver unwanted advertising and software bundled with legitimate downloads — a problem that occurs far more often than malware attempts.
Their research material, provided by The New York University, suggested that some of the affiliates that distribute such softwares might be complicit in the scheme, which provides layers of deniability that they are installing unwanted software.
Generally, when a person goes to the “legitimate software update or download”, a barrage of advertisements overruns the screen. Sometimes flashing pop-ups warn of the presence of malware, demanding the purchase of what is often fraudulent antivirus software.
On other occasions, the system’s default browser is hijacked, redirecting to ad-laden pages.
The researchers conducted the first analysis of the link between commercial pay-per-install (PPI) practices and the distribution of unwanted software.
Kurt Thomas, a research scientist at Google, and Damon McCoy, an Assistant Professor of Computer Science and Engineering at NYU Tandon and their colleagues cite reports indicating that commercial PPI is a highly lucrative global business, with one outfit reporting $460 million in revenue in 2014 alone.
“If you have ever downloaded a screen saver or other similar feature for your laptop, you have seen a ‘terms and conditions’ page pop up where you consent to the installation,” McCoy explained.
“Buried in the text that nobody reads is information about the bundle of unwanted software programmes in the package you are about to download,” McCoy added.
The report explains that PPI businesses operate through a network of affiliates — brokers who forge the deals that bundle advertisements (often unwanted software) with popular software applications, then place download offers on well-trafficked sites where they are likely to be clicked on.
Parties are paid separately — meaning some legitimate developers do not know their products are being bundled with unwanted software — and they are paid as much as two dollars per install.
The paper, Investigating Commercial Pay-Per-Install and the Distribution of Unwanted Software, will be presented at the USENIX Security Symposium, a top computer security conference, in Austin, Texas, next week.