Researchers blast Swedish developer WakeNet AB for ‘deceptively’ spreading adware

Bad actors are using tools like 'embed movie' to coax victims into installing software that house adware

Graphic of pop-up advertising appearing on-screen

A pay-per-install (PPI) software firm has been accused of using increasingly deceptive tactics to convince online users to install potentially harmful software - while generating large revenues in the process, it has been claimed by security researchers. 

WakeNet AB, which develops e-marketing platform FileCapital, offers malicious actors the tools to spread infected files and adware. These potentially unwanted programmes (PUPs) have the semblance of software with useful functionality, but pose risks to users and can seriously hamper performance.

FileCapital, the software under fire, allows malicious actors to install several PUPs on users' machines, including Wajam, which replaces display advertising with its own, and OnlineApp, a proxy which routes traffic through its own servers.

According to security researchers from McAfee, more than 1.9 million detections were seen in the wild during a 10 month period from September 2017 and June 2018 - predominately targeting devices in Germany, but also the UK and US. Overall, there were infections present in 178 countries.

Advertisement - Article continues below
Advertisement - Article continues below

"WakeNet AB has remained active for 19 years with little outcry," according to McAfee's senior security scientist Oliver Devane and security researcher Charles Crofford, who warned that installing FileCapital leads to PUP infections.

"Meanwhile, PUPs, which are more numerous than malware, plague users around the world. PUP development is unlikely to slow because they earn their distributors considerable sums.

"The security industry needs to do more to investigate companies that create PUPs and raise awareness among customers of their bad practices."

FileCapital offers its customers a variety of marketing tools such as embedded movies, landing pages, banners and buttons to coax victims into installing bundled apps that house different PUPs.

An online user, for instance, may believe they are installing a helpful performance cleaner onto their machine, only to find this is disguised as malicious software that could lead to reduced performance and the appearance of pop-up advertising.

The embed movie function, which is described as "by far the worst" function, can allow customers to create a fake video website to show a 'codec missing' message and entice users into downloading the bundled installer. This feature is normally prevalent on illegal football and film streaming websites.

Advertisement - Article continues below

Meanwhile, the revenue WakeNet AB generated in one year through misusing pay-per-install, according to McAfee, put it above some of the most prevalent ransomware strains - with its 2017 financial statements showing the company reaped $2 million.

"As of now, it seems unlikely that PUP development will slow since it helps their distributors earn a considerable amount of money," said McAfee's chief consumer security evangelist Gary Davis.

"With that said, it's important now more than ever for users to be aware of the security risks involved with PUPs like the ones spread by WakeNet's FileCapital."

IT Pro contacted WakeNet AB for comment but it had not responded to our request at the time of publication. 

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
General Data Protection Regulation (GDPR)

Data protection fines hit £100m during first 18 months of GDPR

20 Jan 2020