Researchers blast Swedish developer WakeNet AB for ‘deceptively’ spreading adware

Bad actors are using tools like 'embed movie' to coax victims into installing software that house adware

Graphic of pop-up advertising appearing on-screen

A pay-per-install (PPI) software firm has been accused of using increasingly deceptive tactics to convince online users to install potentially harmful software - while generating large revenues in the process, it has been claimed by security researchers. 

WakeNet AB, which develops e-marketing platform FileCapital, offers malicious actors the tools to spread infected files and adware. These potentially unwanted programmes (PUPs) have the semblance of software with useful functionality, but pose risks to users and can seriously hamper performance.

FileCapital, the software under fire, allows malicious actors to install several PUPs on users' machines, including Wajam, which replaces display advertising with its own, and OnlineApp, a proxy which routes traffic through its own servers.

According to security researchers from McAfee, more than 1.9 million detections were seen in the wild during a 10 month period from September 2017 and June 2018 - predominately targeting devices in Germany, but also the UK and US. Overall, there were infections present in 178 countries.

"WakeNet AB has remained active for 19 years with little outcry," according to McAfee's senior security scientist Oliver Devane and security researcher Charles Crofford, who warned that installing FileCapital leads to PUP infections.

"Meanwhile, PUPs, which are more numerous than malware, plague users around the world. PUP development is unlikely to slow because they earn their distributors considerable sums.

"The security industry needs to do more to investigate companies that create PUPs and raise awareness among customers of their bad practices."

FileCapital offers its customers a variety of marketing tools such as embedded movies, landing pages, banners and buttons to coax victims into installing bundled apps that house different PUPs.

An online user, for instance, may believe they are installing a helpful performance cleaner onto their machine, only to find this is disguised as malicious software that could lead to reduced performance and the appearance of pop-up advertising.

The embed movie function, which is described as "by far the worst" function, can allow customers to create a fake video website to show a 'codec missing' message and entice users into downloading the bundled installer. This feature is normally prevalent on illegal football and film streaming websites.

Meanwhile, the revenue WakeNet AB generated in one year through misusing pay-per-install, according to McAfee, put it above some of the most prevalent ransomware strains - with its 2017 financial statements showing the company reaped $2 million.

"As of now, it seems unlikely that PUP development will slow since it helps their distributors earn a considerable amount of money," said McAfee's chief consumer security evangelist Gary Davis.

"With that said, it's important now more than ever for users to be aware of the security risks involved with PUPs like the ones spread by WakeNet's FileCapital."

IT Pro contacted WakeNet AB for comment but it had not responded to our request at the time of publication. 

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
PayPal dismisses $45 billion Pinterest takeover as "market rumour"
Acquisition

PayPal dismisses $45 billion Pinterest takeover as "market rumour"

25 Oct 2021