Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Incident Response, TDR, Threat Management, Threat Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Accused adware purveyor Zango shuttered by bank foreclosure

A principal player in the spreading of adware -- software that silently loads advertising onto web users' computers -- has been forced to close down after a decade in business.

Bellevue, Wash.-based Zango was sold last week after it failed to honor more than $44 million worth of debts. It reportedly sold its assets for an undisclosed sum to Blinx, a San Francisco-based video-search engine, which on its website, claims it is "the world's largest and most advanced video search engine."

Zango's reputation was often under attack. The company was accused of launching "drive-by" downloads, which installed its adware onto user's computers, often without their knowledge; at times the company even was accused of spyware practices.

"Zango's transformation – from security exploits to social engineering and deception – maps an ongoing development in the security business," Ben Edelman, an internet security expert and assistant professor at the Harvard Business School, told SCMagazineUS.com in an email. "Much of security these days requires protecting users from tricks and scams – from sites promising get-rich-quick schemes; from programs offering dubious to no value, with considerable downside. Zango's final incarnation certainly fit the latter family."

Edelman pointed to Zango telling users they must install its software to watch videos widely available elsewhere for free.

Though former Zango CTO Ken Smith said this week in a personal blog post that many of the questionable practices his company was accused of were the result of third-party distributors, its reputation as an adware distributor accompanied each metamorphosis.

"Zango could never get over its history of nonconsensual and deceptive installations," Edelman said. "It's easy to claim that these are all in the past (though I'm not sure it's actually true that all the deceptive installations stopped so long ago). But reputations can collapse much faster than they rebuild. Pay partners to install software without user consent or through all manner of deception, and it will be hard to later convince users to offer their trust or praise."

In 2006, the FTC ordered Zango to pay $3 million for its pop-up advertising techniques. But even after that, the company reportedly did little to change its business model.

Originally launched as ePIPO in 1999, raising $40 million in venture capital financing, the company first employed a pay-to-surf model in which users were paid to surf the web while running ePIPO application software that offered up banner ads. Users also made money by referring others to install and use the app. Eventually, after several names changes – including Hotbar and 180 Solutions – the company functioned as an ad-supported compendium of online videos, games, music, tools and utilities.

In fact, the company went on a buying spree, scooping up Hotbar, an Israeli-based firm that provided emoticons, e-cards, skins, wallpapers and games; LoudCash, a toolbar distribution channel; EasyMessenger, a free IM program; and game developer Full Armor Studios.

But this spree led to the company incurring significant debt. Harming the company's position, too, its products began being blocked by anti-virus and anti-spyware filters, limiting its distribution.

Indeed, at last week's RSA Conference in San Francisco, a slew of new products to protect against malicious applications was on display. But the technology can do only so much.

To solve this problem, "we will have to augment security products with people," said Nathan Shanks, senior security architect for the managed security service practice at Unisys, speaking with SCMagazineUS.com on Monday.

He added that from a security perspective he sees no difference between an adware application and a worm such as Conficker.

"Zango never offered anything sufficient to compensate users for Zango's substantial intrusion onto users' PCs,"  Edelman said. "How much would a company have to pay you to get you to let them track your browsing and to show you popup ads? It's an expensive proposition."

Edelman said that even though Zango shut its doors, there remain other adware purveyors out there.

Unisys' Shanks agreed, saying Zango was more visible because it got so big.

As of press time Monday, Zango's website was still live, offering free videos, games, screensavers and audio to those willing to let the company install ad software on their computer.

A request to Zango for comment went unanswered Monday.


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.