Interesting article on malicious toolbars

  • 22 December 2013
  • 38 replies
  • 21 views

Userlevel 7
It calls out some big names in the AV industry...
 
http://www.huffingtonpost.com/gary-m-kaye/sneak-attack-those-annoyi_b_4444859.html
 

38 replies

Userlevel 7
Now that IS an interesting article.
Userlevel 2
Title of this thread needs to be edited. Toolbars are NOT malicious and never have been. As in matter of fact the author clearly says " and while they are considered adware and annoying, they are not considered harmful or malicious. Therefore, they don't qualify for anti-virus protection.". The title of the article goes:
"Sneak Attack -- Those Annoying Toolbars You Never Wanted"
 
Thanks. 99% of toolbars are installed by user who haphazardly click "next, next and next". 
 
 
http://www.huffingtonpost.com/gary-m-kaye/sneak-attack-those-annoyi_b_4444859.html
Userlevel 7
GTR707, I disagree. To many average computer users who install a known good program only to have the toolbars install along with the program then cause a multitude of problems, they are as malicious as any other malware.

I consider myself an advanced user, and I have even accidentally installed programs that I did not intend to due to how the add on was written. I had to go back twice and read it several times during install to see where I was accepting it.

Any program that installs without the user wanting it to and changing the way the computer operates is malicious.
Userlevel 7
@ wrote:
GTR707, I disagree. To many average computer users who install a known good program only to have the toolbars install along with the program then cause a multitude of problems, they are as malicious as any other malware.

I consider myself an advanced user, and I have even accidentally installed programs that I did not intend to due to how the add on was written. I had to go back twice and read it several times during install to see where I was accepting it.

Any program that installs without the user wanting it to and changing the way the computer operates is malicious.
I don't consider most of them to be Malware.  The ones that truly hijack the browser yes, but many I do not.  I DO believe they are all annoyware or worse though.
 
Your thread title is perfect as it though.. It grabs attention and is more likely to get people to READ it, and learn from it, which was the whole point of your post to begin with.  Please don't change it, I think it is more effective as is!
Userlevel 7
By the way, further in the article the author does call toolbars malicious:

"The most common way to land up with one of these malicious toolbars is through unsafe surfing, or by responding to some free download that you thought was legit."
Userlevel 2
I have never ever been infected nor have I ever had a toolbar sneak by me. Everything and anything I install on my pc I read carefully. Toolbars are NOT malicious and can be removed easily via add/remove programs. Some redirect your searches to there search engine which is easily correctable. Google Chrome now features a browser reset function. AdwCleaner can remove any left overs. Sure some installers try to be sneaky to the untrained eye like graying out your options to uncheck them. But toolbars are directly installed by the user. 
 
~ snip Links to third-party security vendors will be removed.as per Community Guidelines ~
 
Read what you quoted. It explains all. The thread title is incorrect. Toolbars are not malicious and do nothing malicious to your pc. All they do is make annoying changes to your browser. They are easily removed in seconds. 
Userlevel 7
In my title, I used the words "malicious toolbars." In what I quoted from the author, he used the words "malicious toolbars." So I am not changing the title. Just because you do not think they are malicious does not mean that everybody shares the same opinion.

The article lays groundwork explaining that they can be malicious to the average user.
Userlevel 7
Badge +6
Most viruses are also installed by the user. Their determination of if something is safe or a good idea to run is not really of importance. Thankfully many have the sense to pay someone else (like Webroot) to assist in this determination. 
 
They are malicious in that they have no good intentions. It's about tricking and exploiting people. There is no legitimate purpose for these pieces of software. It's about gumming up the computer and hardware someone paid good money for just out of greed.
 
In general they are not malware. Which is why there is the PUA classification. So AV firms can remove this junk without having to call it malware.
 
 
Userlevel 7
@ wrote:
Most viruses are also installed by the user. Their determination of if something is safe or a good idea to run is not really of importance. If users knew what they were doing, AV's only function would acting as a final layer in a worst case scenario. 
 
They are malicious in that they have no good intentions. It's about tricking people. There is no legitimate purpose for these pieces of software.
In general they are not malware.
Which is why there is the PUA classification. So AV firms can remove this junk without having to call it malware.
 
 
And AV companies, Webroot included, are now beginning to detect and remove more and more of the worst of these.
Userlevel 2
There's a sucker born everyday. Do you sign your name on the dotted line without reading the fine print? No. Same thing. If you just amorously click next, next and next without reading what the installer is doing then you are directly responsible for the toolbar which got installed on your browser. But its easier to blame others then point the finger at yourself. When I make house calls and see 2-3 toolbars installed and all beaches being re-directed to "ask.com" customers ask me "how did that happen". I look at them and say "You". 
 
He is an example. I saw a great Christmas screen saver offered at Softpedia.com. Softpedia is a completely legit web site. I downloaded and installed the screen saver. Upon installation I was to click "decline or accept" on 4 different offers and other software besides the screensaver installer. I clicked "decline" on everything and  when it was done all I was presented with was a nice screensaver. Common sense plays a huge factor here. 
 
People that pack these toolbars and other various offers do it cause they know people are dumb enough to do it. I see it everyday. Every house call. Just was at my cousins house removing NIS and installing WSA. He had  the "ask" toolbar then wondered how it got there. Well he also lets his daughter use his Admin login but thats another story. Either way toolbars are installed by carelessness. 
Userlevel 7
Badge +6
Up and down the stack, the fact that PUA software exists serves only as an indictment of humanity.
Userlevel 7
@ wrote:
There's a sucker born everyday. Do you sign your name on the dotted line without reading the fine print? No. Same thing. If you just amorously click next, next and next without reading what the installer is doing then you are directly responsible for the toolbar which got installed on your browser. But its easier to blame others then point the finger at yourself. When I make house calls and see 2-3 toolbars installed and all beaches being re-directed to "ask.com" customers ask me "how did that happen". I look at them and say "You". 
 
He is an example. I saw a great Christmas screen saver offered at Softpedia.com. Softpedia is a completely legit web site. I downloaded and installed the screen saver. Upon installation I was to click "decline or accept" on 4 different offers and other software besides the screensaver installer. I clicked "decline" on everything and  when it was done all I was presented with was a nice screensaver. Common sense plays a huge factor here. 
 
People that pack these toolbars and other various offers do it cause they know people are dumb enough to do it. I see it everyday. Every house call. Just was at my cousins house removing NIS and installing WSA. He had  the "ask" toolbar then wondered how it got there. Well he also lets his daughter use his Admin login but thats another story. Either way toolbars are installed by carelessness. 
Your example is precisly why the average user would consider some of these toolbars as malicious. They do not intend on installing it, and do not want it. It's actions change the behavior of their computer.
 
If every user was like us, this article would not exist. Most users are not computer experts though. They need their AV to protect them from all threats, including warning them about toolbars and other PUAs.
Userlevel 2
NO antivirus can protected common stupidity and click happy users. Sorry to be blunt but its truthful. 
Userlevel 7
@ wrote:
NO antivirus can protected common stupidity and click happy users. Sorry to be blunt but its truthful. 
See, although I agree that most infections are caused by the user, most of it is not due to stupidity. It is lack of being educated about the nuances of how infections and trojans work.
 
I do not know everything, so if someone teaches me something that I did not proviously know, does that mean I was stupid? I can design electronic circuits and draw schematics. Does that mean that the people who do not know how to do that are stupid? No, it means they have not been taught.
 
Many of the Webroot customers who come here to this forum are doing so because they have a question or an issue with something on their computer. Be careful throwing the "stupidity" label around. 
Userlevel 2
Stupidity maybe a strong or harsh word but when you make 10 housecalls in one day you will know what I mean. I go to peoples houses with a PHD and they still do not know how to safe surf. Heck they even make there paswords up buy using kids names and or birthdays. Lol. Safe surfing starts with common sense. DO NOT CLICK ON EVERYTHING YOU SEE. 
 
People spend anywhere from $500-1500 on a pc. Thats a good amount of money and a great investment. With that you should take the time to understand what it is and what you are doing. That's why Mac;s are so great cause you get a full year of FREE classes. 
 
Userlevel 7
With all of the add-on software that many manufacturers pre-install on their new computers, it would be nice to see them also pre-install a brief video or printable document showing just how viruses work. 
 
It would be great PR if a manufacturer stepped up to the plate and started doing that. Others would probably follow.
Userlevel 7
Badge +35
For the most part, toolbars are not malicious. Toolbars generally fall under "Potentially Unwanted Applications" and as most of you know we here at Webroot are detecting more and more PUAs. Typically, PUAs do require user interaction to install but they use so many social engineering techniques in their installers that it's pretty easy to understand why users almost always claim to not have knowingly installed them. There are also the "rogue affiliate" cases where they are silently installed with no user interaction, but these tend to be less common. The pay-per-install business model just asks to be exploited though, so it is hard to say how many users are actually having these PUAs installed via rogue installations as apposed to the traditional methods. 
 
For us security vendors, it doesn't help any that plugging any of the hijack URLs often associated with PUAs into a search engine will return pages of results for "how to remove so-and-so virus." Just as it doesn't help users that the first several search results (especially the ads - for a fun experiment search for "download skype" in both Google and Bing with any ad-blockers turned off and look at the results) for "download application name" will lead to a third-party "download manager" that will install PUAs along with the app that was intended to be downloaded in the first place. Education is key, users often wonder why the installer for an app was blocked, and we have to explain that it was likely a third-party download manager that was blocked and let them know that they should only download apps from the official download sites whenever possible.
 
-Dan
Userlevel 7
Badge +6
Yes, what I was trying to convey is that they are malicious in a human sense because they're tricking and sometimes scamming people for profit. However, they are not strictly malicious (malware) as understood in the realm of computer security.
 
I'll keep calling it malware amongst my personal professional relationships. I take the view that anything running against a user deserves no other label. We have enough labels for things like viruses/trojans where malware can be a big enough tent for everything created by people who shouldn't be able to sleep at night. I kindly invite them to go camping in the arctic in jeggings.
Userlevel 7
@ wrote:
Yes, what I was trying to convey is that they are malicious in a human sense, but they are not malware as in malicious in a computer sense.
YES! That is what I was trying to convey.
Userlevel 7
Badge +35
The "Detect Potentially Unwanted Applications" option is a way for us to distinguish software that doesn't have distinctly malicious intent from trojans, worms, etc. and give the user a choice whether to not detect them, just as those who distribute PUAs allow users to opt-in or opt-out of installing them (even though the opt-in and opt-out methods often use social engineering techniques to confuse users into installing the software - details, details ;)) I can't say that I've seen many complaits from users about detecting PUAs, and those that I have seen have usually been for the  third-party "download managers" in which case we will often guide the user to the offical download site for the app.
 
 
Userlevel 7
Badge +56
Thanks Dan I fully agree with you!
 
Cheers,
 
Daniel 😉
Userlevel 7
I wonder how many users have accidentally installed a toolbar they did not want, but are enduring it because they do not realize it is something that can be removed, even though it is aggravating them?
Userlevel 7
Badge +35
@ wrote:
I wonder how many users have accidentally installed a toolbar they did not want, but are enduring it because they do not realize it is something that can be removed, even though it is aggravating them?
Enough to make your head explode...
 
-Dan
Userlevel 7
Hey, Corey
 
I am sure that if we all look back we would have to admit that we have all done that at some time in the past...it is part of the learning process...like falling off a bike...you are a better rider thereafter. ;)
 
Regards
 
 
Baldrick
Userlevel 7
I really like Opera 18. I don't quite know what it is, but it seems to be lightning fast.

Reply