LOGO

Avast Antivirus Spyware: Adware Tracking Concerns Addressed

October 22, 2014
Topics:FeaturesCloud & Internet
Avast Antivirus Spyware: Adware Tracking Concerns Addressed

Browser Extensions and User Privacy Concerns

Early this year, concerns were raised regarding the privacy practices of numerous browser extensions. Investigations revealed that many were engaged in tracking user browsing activity and, in some instances, injecting advertisements into web pages.

This issue wasn't limited to obscure developers. Even Avast, a well-known and generally trusted antivirus provider, was found to be involved in these practices.

Update Regarding Avast's Practices

It's important to note that these activities occurred in the past, and Avast has since taken steps to address the issues. Their current product is considered reliable.

While this information is presented for historical context, it’s worth acknowledging that other antivirus vendors may be engaging in similar behaviors.

Avast has responded to previous reports on their forum. We maintain the accuracy of our findings, with the exception of a minor technical detail that has been corrected.

Our intention is not to be critical, but rather to improve the online experience for all PC users.

Discontinuation of the "Shopping" Feature

Avast has recently deactivated the controversial "shopping" feature within their browser extension. Users with the latest version of Chrome and updated extensions are currently unaffected.

However, the core issue remains: users should be able to place their trust in their antivirus provider. The inclusion of a feature that monitors browsing habits and inserts advertisements – without adequate disclosure – is problematic.

Furthermore, the simultaneous claim of combating spyware, while actively engaging in similar practices and even removing competing shopping extensions, raises serious questions.

avast-antivirus-was-spying-on-you-with-adware-until-this-week-1.jpgDetection of Competing Extensions

Testing revealed that Avast primarily identified and removed extensions that directly competed with its own shopping extension.

On our test systems, the only instances of spyware or unwanted software that Avast successfully detected and eliminated were those that presented a competitive threat to their proprietary shopping tool.

This selective detection raises concerns about potential conflicts of interest and the prioritization of commercial gain over user security.

Avast Online Security Extension Included a "Shopping" Feature

Recently, during testing involving the installation of various unwanted programs from low-quality websites, a surprising discovery was made regarding Avast antivirus software.

It was found that certain adware wasn't originating from external sources, but was instead integrated directly within Avast itself.

The SafePrice Component

The issue centers around the SafePrice component of the Avast Online Security extension.

This component introduces shopping suggestions – effectively advertisements – while users navigate the internet.

Many users actively seek browser extensions designed to locate more favorable pricing options.

Indeed, a member of the HTG writing team recently inquired about the optimal methods for price comparison.

As a separate, intentionally installed application, such a feature would be perfectly acceptable.

Concerns Regarding Implementation

However, Avast incorporated this functionality into its browser extensions, which boast a user base of at least 10 million for the Chrome version alone.

Furthermore, the shopping feature was activated by default upon installation.

It’s important to note that Avast has since updated its extension to remove the shopping functionality.

However, the component was present for a period of time, potentially dating back to around December of the previous year.

This raises questions about transparency and user consent regarding the inclusion of advertising features within security software.

Data Collection Practices

Previously, we alluded to the possibility of this browser extension engaging in user monitoring. Unlike many sources, we base such assertions on concrete evidence, and will now present our findings.

To investigate, we employed Fiddler to analyze network traffic, revealing that every website address visited was transmitted to Avast’s servers. A preliminary check was made to a specific endpoint – /urlinfo – on their infrastructure, with each request including a unique identifier representing the user.

This process allows for the compilation of a comprehensive record of the user’s browsing activity. Avast asserts that all personally identifiable information is removed; however, the method by which this is achieved remains unclear given the tracking of every URL visited and its association with a unique user ID.

Clarification from Avast

Following our initial report, Avast reached out to clarify that the /urlinfo endpoint is integral to their security extension’s functionality, a point which aligns with its intended purpose.

However, data transmission was also observed through the /offers endpoint, indicating further data collection.

avast-antivirus-was-spying-on-you-with-adware-until-this-week-3.jpgThe primary concern lies with this unique tracking ID. While it may not directly reveal a user’s name, it is sufficient to link their entire browsing history, which raises significant privacy concerns.

It’s important to note that this data collection occurred without explicit user consent. Users simply sought to enhance their online security through a reputable antivirus solution.

The Core Issue: Browser Extensions Possess Excessive Authority

Related: Be Aware: Your Browser Extensions May Be Monitoring Your Activity

This practice, though concerning and disappointing from a provider one should rely on, is not unprecedented. The vast majority of online products and services, including browser extensions, applications, and websites, engage in some level of tracking. Here at How-To Geek, we utilize Google Analytics to monitor website traffic, and our advertising partners likely employ additional tracking methods beyond our control. This is a common practice across the web.

The collection of personal data and the utilization of big data have become commonplace, as the principle dictates: when a service is offered without charge, the user themselves often constitutes the product. Accepting some tracking on a completely free website isn't overly problematic, as sites like ours require revenue to compensate content creators, and advertising serves as the primary funding source. However, the issue arises when this tracking permeates all online activities.

A significant concern is that the majority of browser extensions are granted access to all content displayed within your web browser, across all websites you visit. Furthermore, this level of access is often not adequately communicated to users.

Therefore, when an extension requests permission to "Read and change all your data on the websites you visit," it may be prudent to consider removing it from your browser.

#Avast#antivirus#spyware#adware#privacy#data collection