The cybercrime infrastructure is a branching network of interrelated components that supports the entire malware deployment cycle, from distribution all the way to illicit gain. This workflow varies depending on the malware category. As far as adware is concerned, the increasingly powerful underground economy serving it relies mostly on a phenomenon called “bundling” for its proliferation.
Bundling isn’t a bad concept in itself. It denotes the process where an application is delivered to computers packaged with hardware or along with third-party software. A well-balanced contractual relationship between different vendors, backed by industry ethics and business guidelines, makes such a promotion method mutually beneficial for the interested parties while causing no inconvenience to end users. Here’s what AppDirect, a well-known cloud service marketplace, has to say in this regard:
When properly designed, bundles provide a user-friendly method to increase productivity because the applications are integrated to improve workflow and efficiency when performing routine tasks.
Regrettably, malware distributors actively exploit this technique to infect PCs with malicious code, and this tendency applies largely to adware. The IT security industry has seen some infamous examples of software bundling in its harmful form. The peer-to-peer client called LimeWire was known to push a browser toolbar which would redirect all searches to Ask.com without appropriate user consent. Another app, PDFCreator, has been accused of promoting the MyStart adware by Incredibar, the SweetIM spyware and the potentially unwanted Entrusted Toolbar. The 3wPlayer utility was often packaged with Adware.Lop, which would forcibly replace the user’s browsing preferences with values of its own.
The main vector of present-day malicious bundling schemes involves freeware and shareware. For example, AdChoices, one of the widespread adware programs in the wild, which inserts unauthorized advertisements into websites visited from a compromised machine, spreads with free apps or torrents available at thepiratebay and dubious online resources.
To avoid this sort of collateral damage when downloading programs that are free of charge, it’s recommended to carefully examine their installation wizards for opt-outs, which might be hidden behind custom setup options. Unticking one inconspicuous checkbox may save the user the trouble of cleaning up adware later.