Leaked: Avast antivirus is selling highly sensitive web browsing data to the world's biggest companies

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
Leaked: Avast antivirus is selling highly sensitive web browsing data to the world's biggest companies

by Joseph Cox on vice.com
Jan 27 2020

An Avast antivirus subsidiary sells 'Every search. Every click. Every buy. On every site.' Its clients have included Home Depot, Google, Microsoft, Pepsi, and McKinsey.

An antivirus program used by hundreds of millions of people around the world is selling highly sensitive web browsing data to many of the world's biggest companies, a joint investigation by Motherboard and PCMag has found. Our report relies on leaked user data, contracts, and other company documents that show the sale of this data is both highly sensitive and is in many cases supposed to remain confidential between the company selling the data and the clients purchasing it.

The documents, from a subsidiary of the antivirus giant Avast called Jumpshot, shine new light on the secretive sale and supply chain of peoples' internet browsing histories. They show that the Avast antivirus program installed on a person's computer collects data, and that Jumpshot repackages it into various different products that are then sold to many of the largest companies in the world. Some past, present, and potential clients include Google, Yelp, Microsoft, McKinsey, Pepsi, Sephora, Home Depot, Condé Nast, Intuit, and many others. Some clients paid millions of dollars for products that include a so-called "All Clicks Feed," which can track user behavior, clicks, and movement across websites in highly precise detail.


Avast claims to have more than 435 million active users per month, and Jumpshot says it has data from 100 million devices. Avast collects data from users that opt-in and then provides that to Jumpshot, but multiple Avast users told Motherboard they were not aware Avast sold browsing data, raising questions about how informed that consent is.

The data obtained by Motherboard and PCMag includes Google searches, lookups of locations and GPS coordinates on Google Maps, people visiting companies' LinkedIn pages, particular YouTube videos, and people visiting porn websites. It is possible to determine from the collected data what date and time the anonymized user visited YouPorn and PornHub, and in some cases what search term they entered into the porn site and which specific video they watched.
1580086523070-avastdata

An infographic showing the supply chain of browsing data from Avast through to Jumpshot's clients. Image: Motherboard

-read MUCH more on vice.com ...
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
However, the data collection is ongoing, the source and documents indicate. Instead of harvesting information through software attached to the browser, Avast is doing it through the anti-virus software itself.

Now I finally know wholly, why I had never put my trust in Avast, never downloading it.
Bad antivirus I knew, but bad privacy practices - this I didn't know until today.
So I have a natural gift for foresight...
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
Why Pepsi wants my browsing data?
To bite into them like a delicacy...;)

Do you remember the last time you cleaned your #browser history? Storing your browsing history for a long time can take up memory on your device and can put your private info at risk. Read our blog post to learn how to clear your browsing history.
 

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,453

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
Open source companies build trust by sharing the entirety of their codebase to the public. If the buyer has a question about the software, they can audit it themselves and communicate with the authors. This transparency builds trust.
Enterprise buyers use third parties to buy software. They consult Gartner, Forrester, and others to establish trust in vendors. These research agencies diligence software products directly and through surveys. This is the reason analyst relations are so important. Presence on the magic quadrant confers trustworthiness.
Of course, trust doesn't stop with marketing. Slimy sales practices provokes distrust. Shoddy product quality erodes trust. Slow or opaque customer support also erodes trust. Every interaction with a customer is an opportunity to engender or erode trust.
Brands are so valuable because they are the encapsulation of years long efforts to engender trust. That's why Apple's brand is worth about one-quarter of their market cap. Trust accelerates sales cycles, creates long term defensibility, and increases the value of a business overall. It's the core purpose of marketing.
- from
Trust is at the Core of Software Marketing article on tomtunguz.com: Trust is at the Core of Software Marketing


Antivirus softwares are not open source...
I don't have antivirus...
 

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,453
Avast is trying to find ways to bankrupt themselves they are doing a great job of it so far.
Management is looking for ways to get a nice pay check, but they do not realize, it will be just a temporary one.
Sadly, this will bring down Avast, AVG and CCleaner and all people, who worked hard for years to improve them.

 

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,453
Does this supose affects ccleaner and avg too ?
There are Avast persistent tasks left after AVG removal. Also CCleaner has already so many processes to keep it updated, as if its life depended on it. Considering, that CCleaner is supposed to cleanup privacy related stuff, I would not be surprised, if it was reporting it back home.
 

Lord Ami

Level 21
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 14, 2014
1,026
What is really odd is that the same company produces "Avast AntiTrack" and what not.
+ has Blog posts talkinga bout "Privacy". Joke!

Too bad Avast has lost its cause... It used to be a great software!
 

XLR8R

Level 4
Jan 20, 2020
164
Management is looking for ways to get a nice pay check, but they do not realize, it will be just a temporary one.
Sadly, this will bring down Avast, AVG and CCleaner and all people, who worked hard for years to improve them.



I was, what you'd call, a lifelong customer of AVG. Having used their paid products from AVG 6.x days all the way to the day they got bought out by Avast.

After the buyout, I noticed a lot of changes in AVG and none for the better. Hangups, bugs, crashes, shady extensions, constant pushing for other AVG products/PC TuneUp, tech support that went from being well-trained and professional to BPO outsourced to Asian firms, and finally these privacy concerns.

My license still lasts a decent bit, but I am done with AVG. The market share results of OPSWAT released recently also say the same, Avast and AVG both went down after the acquisition. I am not sure what the management is thinking.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top