Avast Antivirus Was Spying On You with Adware (Until This Week)

Status
Not open for further replies.

Petrovic

Level 64
Thread author
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,354
650x319xScreenshot_10_21_14__10_48_PM.png.pagespeed.ic.ewTblm32hc.webp


We warned you at the beginning of the year that many of your browser extensions are spying on you, tracking what you are visiting, and even inserting ads into pages. These aren’t just no-name developers either: even Avast, one of the most trusted antivirus vendors was in on the game.

Before we go even one step further, it’s important to note that they recently disabled the spying “shopping” feature in their browser extension. So if you are running the latest Chrome with extensions updated, you are fine. For now.

So Avast has stopped integrating the spying extension, but this is about the principle: you should be able to trust your antivirus provider. Why are they adding a feature that spies on your browsing, inserts ads… and all without properly notifying you?

And why, at the same time, are they claiming to stop spyware, even uninstalling other shopping extensions from other vendors, while they were doing the same thing they are supposed to stop?

650x385xavast_removes_addons.png.pagespeed.ic.Psee9pQPb0.png

Avast removes other Shopping extensions while leaving theirs enabled

On our test system, the only spyware and crapware that Avast actually detected and removed were the ones that competed with their own shopping extension.

Avast Online Security Extension Added a “Shopping” Component
avast_extension_9_0_safeprice_addition.png

No, the install process didn’t tell us about this.

About a week ago, we were playing around with installing a lot of nonsense from crapware sites, so we loaded up trusty Avast antivirus to see how much of the malware it would actually catch during the process. We were shocked to find out that some of the adware wasn’t from a third-party, but from Avast itself.

The problem lies in the SafePrice component of their Online Security extension, which adds shopping recommendations (ads) as you are browsing around the web.

Here’s the thing: many people actually want shopping extensions that help them find better prices — in fact, one of the HTG staff writers recently asked me what the best way to find better prices was. As a standalone product, if you specifically and deliberately choose to install something like this, there’s nothing wrong with it.

The problem is that Avast snuck this component in to their browser extensions that have at least 10 million users for the Chrome version alone. And then they enabled it by default.

Note: as we were doing research for this article, they updated their extension to not include the shopping feature, but it was there since maybe around last December.

Spying, You Say?
You might remember earlier how we said that this extension is spying on you, and unlike many websites, we’re definitely not going to make some claim like that without proof of what is really going on. So we loaded up Fiddler to see what’s really going on behind the scenes and under the hood and behind the curtain.

As it turns out, every single URL that you visit was being sent to Avast servers — first there would be a check to /urlinfo on one of their servers, passing in a unique ID that represents you on every single request. In this way they can build a list of every single page you have ever visited. They claim on their web site that they remove all personally identifying information, but how, exactly, are they able to do that when they are tracking every single page you visit and sending back that URL with a unique ID to represent you?

650x488xScreenshot_10_21_14__10_33_PM.png.pagespeed.ic.0Gx5xFXP8u.png


That unique tracking ID is the biggest problem here: while it might not identify you by name, it’s enough to tie your whole browsing history together, and that’s a scary thing.

And remember, you didn’t ask for this. You just wanted to keep yourself safe online with a trusted antivirus provider.

The Bottom Line: Browser Extensions Have Wayyyy Too Much Power
This behavior, while ridiculous and sad from a company you should trust, isn’t new at all. Almost every product and service on the internet and almost every browser extension, app, and website, are doing some form of tracking. Here on How-To Geek we use Google Analytics to see our site statistics, and our advertisers probably use a lot of other tracking that we can’t control. And it’s the same with every single web site.

Personal information and big data have become the standard; because after all: if a product is free, the real product is you. If you are browsing and reading a completely free web site, it’s not that big of a deal… after all, sites like ours need to pay our writers, and advertisements are the only way to do that. The problem is when it’s across everything you do.

ximg_5447f848e58b6.png.pagespeed.ic.rib2TlE53A.png


The problem is that most browser extensions have access to everything you are seeing on the internet, across every web site. And they aren’t properly disclosing this to you.

So the next time an extension says it can “Read and modify all your data on the websites you visit”, perhaps you should click that “Remove from Chrome” button instead.
Source
:eek:
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
FYI: SafePrice was removed from Avast Online Security on 22 July 2014.

"SafePrice removed from avast! Online Security to comply with Google's advice for a single purpose policy.
upload_2014-8-17_23-1-37-png.18072

SafePrice is still available here - avast! SafePrice."
See more, http://malwaretips.com/threads/avast-online-security-browser-extension.16865/

Over 2 million users spied on by this extension
upload_2014-10-22_22-25-43.png



Avira also have Avira Savings Advisor on Chrome Web Store
I believe it uses the same services as Avast SafePrice, but less users victimised as Avira doesn't have it bundled in one extension nor installed by Avira Free Antivirus.
 

nissimezra

Level 25
Verified
Apr 3, 2014
1,460
thx

nothing new here, once you install windows vista and higher Microsoft is tracking you, what ever you do on the computer MS knows. unless you remove the tasks but only few are aware of it.

why avast can't and Microsoft can? avast is free but MS is not that's much worst
 
G

Guest28

Someone just posted about this on avast forums. VLK said they have an answer. https://forum.avast.com/index.php?topic=157693.0

Thank you Kenny. The article contains a lot of incorrect information and mixes some facts together (such as the traffic generated by SafePrice and the traffic generated by the URL and antiphishing requests). We are preparing a more concise answer, please stay tuned.
 
S

Sr. Normal

Hello everyone

It's the price of free products.

Avast has become a "zombie" customers (not all, but a large percentage ), who are sure that theirs is the best and trust blindly .

Thanks for the information, it is really necessary for those who see beyond Avast when we want a good free antivirus.

Have a nice day.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top