14 DAY TRIAL // Plenty of software products bundle additional components from third-party vendors during the installation process and instances where the extra code is not to the advantage of the end user are far from being uncommon.
By most standards, potentially unwanted applications (PUAs) fall into this category and the nastiest of them can inject malicious code, request sensitive information from the user or simply extract it without consent.
PUAs present a concealed risk
More than 22.5 million of them caused different editions of Avira antivirus product to raise the flag last month, due to suspicion of misleading users into adding potentially damaging code to their systems.
Avira adheres to the above mentioned characteristics for PUAs (also known as PUPs - potentially unwanted programs), adding in a blog post on Tuesday that payment processing apps that could overcharge the user, as well as products that add unwanted advertising or require elevated privileges, are also included in this category.
The vendor defines this type of software as not necessarily harmful in the classic sense but with an undesirable behavior from the user’s point of view.
Top five PUAs detected by Avira
Out of the millions of PUAs identified last month, Avira highlights five of them as being the most prevalent.
These are iLivid, SeaSuite, SoftPulse, NextLive and OptimizerPro. Their behavior includes pulling advertisements from other sources, redirecting web searches to other services, changing browser settings, and downloading toolbars.
In the case of OptimizerPro, Avira says that apart from delivering unwanted pop-ups and advertisements, it also tracks browser navigation and acts as scareware, tricking users into paying for bogus performance improvements for their system.
Guidelines published for software vendors
“We believe in the free internet, and therefore accept advertising as means to sponsor content, however downloading free software does not imply agreeing to also install unwanted or unknown applications on your device,” said Travis Witteveen, Chief Executive Officer of Avira.
To contribute to users’ safety, Avira has published its set of accepted guidelines for software providers, which allow them to shape their products so that they are not detected as a potential harm by the German antivirus product.
The recommendations are not far-fetched and should be in tune with the detection radar of other security solutions.