FaceTime Communications researcher Chris Boyd, aka Paperghost, is back at it again with Zango, the long-criticized adware distributor that has been promising to clean up its act and go legitimate.
After several years of scrutiny from many researchers, including Boyd, and a $3 million settlement with the FTC over charges of "Deceptive Failure to Disclose Adware," "Unfair Installation of Adware," and "Unfair Uninstall Practices," Zango (formerly known as 180 Solutions) promised to stop its secretive ways and make its software installations process far more transparent.
And, having taken a briefing from the company last year over its policies and practices myself after a high-profile news cycle related to a controversial program on Facebook that led users to a download of Zango adware, it did seem that the company was making an honest effort to change its ways.
However, according to several pieces published by Boyd over the last week, the researcher clearly feels that Zango has crossed back over to its more nefarious ways.
In several previous posts the researcher has questioned Zango's adware installation techniques in relation to adult sites and a movie site, in both cases calling the company out for doing business with domains that dupe users into taking on its programs.
And now today, in an even more detailed and seemingly damning report, Boyd has tracked the twists and turns of an offer to download a Batman-themed video game that certainly seems to leave users wanting while their computers absorb Zango's adware (which typically leads to pop-up adverts and other nuisances once downloaded).
Following the trail, Boyd traces out how a user is led to believe they are getting a newly-released Batman game, but ends up with a poor quality game demo released in 2001, along with a Zango adware program whose presence is fairly well buried from a user perspective.
Now, of course the Batman ploy is not operated by Zango itself, but the whole issue traces back to the makeup of the affiliate networks that companies like Zango use to distribute their software, and more importantly how good of a job the company does in making sure that its partners are not misleading end users into downloading its programs.
It would seem that, based on the new Paperghost research, Zango still has a ways to go in terms of improving its process and vetting its affiliates.
So make sure that the programs you want to download are just that, and don't include unwanted software you never thought you'd end up with in the first place.
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.