Jump to content

Avast Online Security and Avast Secure Browser are spying on you


Recommended Posts

Avast Online Security and Avast Secure Browser are spying on you


Are you one of the allegedly 400 million users of Avast antivirus products? Then I have bad news for you: you are likely being spied upon. The culprit is the Avast Online Security extension that these products urge you to install in your browser for maximum protection.

But even if you didn’t install Avast Online Security yourself, it doesn’t mean that you aren’t affected. This isn’t obvious but Avast Secure Browser has Avast Online Security installed by default. It is hidden from the extension listing and cannot be uninstalled by regular means, its functionality apparently considered an integral part of the browser. Avast products promote this browser heavily, and it will also be used automatically in “Banking Mode.” Given that Avast bought AVG a few years ago, there is also a mostly identical AVG Secure Browser with the built-in AVG Online Security extension.

When Avast Online Security extension is active, it will request information about your visited websites from an Avast server. In the process, it will transmit data that allows reconstructing your entire web browsing history and much of your browsing behavior. The amount of data being sent goes far beyond what’s necessary for the extension to function, especially if you compare to competing solutions such as Google Safe Browsing.

Avast Privacy Policy covers this functionality and claims that it is necessary to provide the service. Storing the data is considered unproblematic due to anonymization (I disagree), and Avast doesn’t make any statements explaining just how long it holds on to it.

Link to post
Share on other sites

25 minutes ago, Gt-truth said:

Norman AV should also be not recommends because either AVG or AVAST has bought Norman company

One of the things that frustrates me most is the consolidation of so many great AV/AM/AS tools/products/companies throughout the years, and it is almost always the same story.  One of the big fish consumes one or more of the smaller fish because the smaller fish was in a unique niche doing something that the big fish envied, so they make the acquisition only to eventually either kill off the small fish's product or integrate it into their 'suite' where it lives on as a shadow of its former self, usually losing much of what made it unique and effective.  It also means that the bad guys end up with one less engine/set of technologies/group of researchers and devs to deal with.

This is one of the many reasons I respect Malwarebytes, because throughout the years they have had many offers from big AVs trying to acquire them but they have so far stuck to their guns and refused all offers because they know all too well what usually ends up happening.  Additionally, when they have made acquisitions of other companies/products they have always ensured that the developers, researchers and unique technologies lived on and remained as effective as they had always been, usually improving upon them following their acquisition (and when it makes sense, continuing to offer them as standalone products/tools), and at least so far I haven't seen a single instance where a tool/product lost its effectiveness after acquisition, I have only ever seen them either remain as effective as ever, and usually actually improving after coming under the control of Malwarebytes.

Link to post
Share on other sites

Wow. gr8 that MBAM stands tall among others..

On Av's tracking, is there anything in T&C's that gives them this liberty?

Busted: Kaspersky AV Tracks Your Every Click


Kaspersky Lab’s endpoint security products track your web activity. All of it—the Russian company even monitors visits to https-secured websites.

The AV software inserts a JavaScript bug in every webpage you load. Incredibly, Kaspersky included a unique identifier that allows any other website to track you, too. The company has patched that latter behavior, but the Russian tracking remains in place.

Yevgeny Valentinovich “Eugene” Kaspersky (pictured) is probably right to look red-faced. In today’s SB Blogwatch, we click Uninstall.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: humorless 74’ driver.

KAV is Spyware

What’s the craic? Ronald Eikenberg puns it up—“Kasper-Spy: Kaspersky Anti-Virus puts users at risk”:

 A data leak allowed third parties to spy on users while they were surfing the web. For years.

An external JavaScript script named main.js was being loaded from a Kaspersky domain. … When I checked the HTML source of other websites … I found the strange code on each and every page. Without exception, even on the website of my bank, a script from Kaspersky was introduced.

The simple conclusion was that Kaspersky’s virus protection was manipulating my traffic. Without my permission, it was injecting that code. [And] the address from which the Kaspersky script was loaded contained a … permanently assigned ID … (UUID).

That’s a remarkably bad idea. Other scripts … can read the Kaspersky ID [so] any website can read the user’s Kaspersky ID and use it for tracking. … Kaspersky has created a dangerous tracking mechanism that makes tracking cookies look old [and] can even overcome the browser’s incognito mode.

At this point, it was clear that this was a serious security issue.

Um, no ****, Sherlock. A well-read Shaun Nichols asks, “Quis custodiet ipsos custodes?”:

Link to post
Share on other sites

@Gt-truth @exile360


Is Your Antivirus Tracking You? You’d Be Surprised At What It Sends


This is a 2014 article but would say very valid..

Only Antlab & Emsisoft are exceptions with least tracking, no sensitive info is paseed on by these products.

Your antivirus software is watching you. A recent study shows that popular antivirus applications like Avast assign your computer a unique identifier and send a list of all web addresses you visit to the manufacturer. If the antivirus finds a suspicious document, it will send the document to the antivirus company. Yes, your antivirus company might have a list of web pages you’ve visited along with your sensitive personal documents!

AV-Comparatives’ Data Transmission Report
We’re getting this information from AV-Comparative’s Data transmission in Internet security products report, released on May 8, 2014. AV-Comparatives is an antivirus testing and comparison organization.

The study was performed by analyzing antivirus products running in a virtual machine to see what they sent to the antivirus company, reading each antivirus product’s end user license agreement (EULA), and sending a detailed questionnaire to each antivirus company so they could explain what their products do.

Your Antivirus Knows All About You


Your antivirus knows a heck of a lot about you. It knows what programs you run, because it has to make sure they're legit. It knows the websites you visit, and steers you away from frauds and dangers. In addition, the antivirus company may learn a lot about you as you interact with sales, support, and so on. But that's fine, right? Well, a recent attempt by free antivirus giant AVG to clarify its privacy policy caused quite a fuss.

Wired reported on the new policy using the headline "AVG can sell your browsing and search history to advertisers." As it turns out, that inflammatory headline wasn't accurate. A little digging convinced me that AVG's policy isn't much different from that of its competitors—it's just spelled out more clearly. I checked the policy for several other free antivirus tools, and also for Wired's website.

Free Isn't Free
No security company in the world could survive solely by giving away free antivirus protection. There has to be some income, or the company will dry up and blow away. Yes, some vendors use the free version as a teaser and profit from upgrades, but those aren't the giants. AVG needs to monetize the anonymous data and telemetry received from the more than 200 million users; the same is true of Avast, Avira, and other major publishers of free security products.

It would be suicide for a security company to actually misuse private data. I can't see it happening. But if you're at all worried, dig in and read your own antivirus's privacy policy. Just make sure you have a college graduate handy to interpret the complex language.

Edited by sman
Link to post
Share on other sites

3 hours ago, Gt-truth said:

Norman AV should also be not recommends because either AVG or AVAST has bought Norman company

Used Norman for many years. Anyway Norman AV is long gone several years ago.

It was first split in two Norman Shark, malware analysis and AV engine, this was later acquired by Blue Coat that again was acquired by Symantec

The leftover Norman safeground was later acquired by AVG and all Norman users was moved over to AVG products, then AVG was acquired by avast ... so the big fish eat the small fish




Link to post
Share on other sites

3 hours ago, exile360 said:

One of the big fish consumes one or more of the smaller fish because the smaller fish was in a unique niche doing something that the big fish envied,

First with sanbox included in scan engine

"Norman was founded on 1 October 1984 in Oslo. The company was a pioneer in proactive security software solutions and forensics malware tools, utilizing a patented sandbox technology"


Norman stuxnet box  https://www.ironpaper.com/current/2012/05/norway-security-company-build-a-devise-to-stop-malicious-code-from-triggering-malfunctions-disruptions-or-even-the-unthinkable/#.XefDPUb0m70

Norman shark G2 analyzer https://www.prnewswire.com/news-releases/norman-malware-analyzer-g2-is-industrys-most-flexible-and-powerful-platform-for-cyber-threat-discovery-and-assessments-162565426.html

Norman sandbox  https://www.prnewswire.com/news-releases/norman-sandbox-anti-malware-security-technology-recognized-as-most-innovative-idea-in-past-decade-at-vb2010-conference-104484214.html




Edited by pondus
Link to post
Share on other sites

Yeah, Norman used to be a really decent AV and they had some good tools too.  I used to run their portable/standalone scanner all the time when doing malware checkups/cleanups; it was always on the short list of go-to tools for general virus scanning (a list of only about 4 or 5 products total, as I was quite picky).

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.