Spawn

Administrator
Staff member
Verified
Source: Let adware be treated as malware, Canuck boffins declare after breaking open Wajam ad injector

Read [PDF] - Privacy and Security Risks of “Not-a-Virus” Bundled Adware: The Wajam Case


Working with professor Mohammad Mannan, de Carné de Carnavalet collected 52 samples of the ad injector Wajam – which has gone by different names over the years – spanning from 2013 through 2018 in order to study its chronological evolution. The samples contain more sophisticated anti-analysis and rootkit-like features than would be typically found in the most advanced malware.
Despite these findings, eight years on, Wajam lives on, under an assumed name and a different legal jurisdiction. The Register emailed Iron Mountain Technology in the hope of discussing the software but we've not heard back.
"Advertising is not inherently bad, nor malicious," said de Carné de Carnavalet. "The ads displayed by Wajam are not known to be malicious either. However, Wajam could be considered as malicious due to the personal data it collects, insecurely, from users, including their browsing and download histories, and all search queries that the user makes."

He notes that it's doubtful users of Wajam, Social2Search or SearchAwesome would allow the software to operate as it does if they understood how it works and how it collects information.
 

SumTingWong

Level 22
Verified
Adware should be treated as malware because it is stubborn like malware.

PUP should be treated as malware too, but some will say PUP is depend on the user to justify if the app is PUP or not. For instance, ESET detects Iobit Uninstaller as a PUP, but I install it on my own.
 
  • Like
Reactions: Nestor and stefanos