Researchers blast Swedish developer WakeNet AB for ‘deceptively’ spreading adware

Bad actors are using tools like 'embed movie' to coax victims into installing software that house adware

Graphic of pop-up advertising appearing on-screen

A pay-per-install (PPI) software firm has been accused of using increasingly deceptive tactics to convince online users to install potentially harmful software - while generating large revenues in the process, it has been claimed by security researchers. 

WakeNet AB, which develops e-marketing platform FileCapital, offers malicious actors the tools to spread infected files and adware. These potentially unwanted programmes (PUPs) have the semblance of software with useful functionality, but pose risks to users and can seriously hamper performance.

FileCapital, the software under fire, allows malicious actors to install several PUPs on users' machines, including Wajam, which replaces display advertising with its own, and OnlineApp, a proxy which routes traffic through its own servers.

According to security researchers from McAfee, more than 1.9 million detections were seen in the wild during a 10 month period from September 2017 and June 2018 - predominately targeting devices in Germany, but also the UK and US. Overall, there were infections present in 178 countries.

"WakeNet AB has remained active for 19 years with little outcry," according to McAfee's senior security scientist Oliver Devane and security researcher Charles Crofford, who warned that installing FileCapital leads to PUP infections.

"Meanwhile, PUPs, which are more numerous than malware, plague users around the world. PUP development is unlikely to slow because they earn their distributors considerable sums.

"The security industry needs to do more to investigate companies that create PUPs and raise awareness among customers of their bad practices."

FileCapital offers its customers a variety of marketing tools such as embedded movies, landing pages, banners and buttons to coax victims into installing bundled apps that house different PUPs.

An online user, for instance, may believe they are installing a helpful performance cleaner onto their machine, only to find this is disguised as malicious software that could lead to reduced performance and the appearance of pop-up advertising.

The embed movie function, which is described as "by far the worst" function, can allow customers to create a fake video website to show a 'codec missing' message and entice users into downloading the bundled installer. This feature is normally prevalent on illegal football and film streaming websites.

Meanwhile, the revenue WakeNet AB generated in one year through misusing pay-per-install, according to McAfee, put it above some of the most prevalent ransomware strains - with its 2017 financial statements showing the company reaped $2 million.

"As of now, it seems unlikely that PUP development will slow since it helps their distributors earn a considerable amount of money," said McAfee's chief consumer security evangelist Gary Davis.

"With that said, it's important now more than ever for users to be aware of the security risks involved with PUPs like the ones spread by WakeNet's FileCapital."

IT Pro contacted WakeNet AB for comment but it had not responded to our request at the time of publication. 

Featured Resources

BIOS security: The next frontier for endpoint protection

Today’s threats upend traditional security measures

Download now

The role of modern storage in a multi-cloud future

Research exploring the impact of modern storage in defining cloud success

Download now

Enterprise data protection: A four-step plan

An interactive buyers’ guide and checklist

Download now

The total economic impact of Adobe Sign

Cost savings and business benefits enabled by Adobe Sign

Download now

Recommended

The Ritz suffers data breach after hackers pose as staff
data breaches

The Ritz suffers data breach after hackers pose as staff

17 Aug 2020
Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020
British teenager charged over Twitter hack
hacking

British teenager charged over Twitter hack

3 Aug 2020
Mid-year report says vulnerabilities up 22% in 2020
hacking

Mid-year report says vulnerabilities up 22% in 2020

30 Jul 2020

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
Nokia will replace Huawei as BT's largest 5G equipment provider
5G

Nokia will replace Huawei as BT's largest 5G equipment provider

29 Sep 2020