Reformed Adware Vendor Still Under Fire

One of the central players in the advertising software field, Zango is trying to be the leopard that changed its spots. Despite the adware company’s efforts to improve its reputation, it is still drawing fresh accusations of dubious business practices.

Zango, based in Bellevue, Wash., changed its name last month from 180solutions, a moniker linked to well-documented complaints about its software, which displays targeted pop-up advertising to Web surfers based on the sites they search for.

In exchange for viewing the advertisements, users get access to freebies such as video clips and the ubiquitous graphical “smileys” for e-mail. Zango pays affiliate websites up to US$0.40 for every visitor who installs the Zango software.

Those rewards drove some affiliates to exploit unpatched security holes to install the software without user consent, or to lure users into installing it by linking to it from popular social networking sites.

Zango Chief Executive Officer Keith Smith blames the company’s bad reputation on the past behavior of website publishers, some of whom essentially subcontracted out illegitimate installations of the software to hackers.

“We have fixed that,” he said during a recent interview in London.

Smith, a bright 35-year-old entrepreneur who dropped out of Bible college, detailed how around the start of the year, the company axed distributors seeding unauthorized installs and added new notification mechanisms to let users know the software is on their computer, following a swell of complaints and media coverage.

But critics paint a contrasting picture in which hackers are still pushing installs of Zango software modified to run without user consent, and say the company’s efforts to clean up are loose at best.

Only last week, security research manager Christopher Boyd of FaceTime Communications showed that Zango’s software was being distributed through MySpace, the popular social networking site owned by News Corp., in breach of MySpace terms of service, which forbid commercial use of the site.

Boyd argued MySpace users are typically minors and may not understand the opaque user agreement. Zango says its software is only for users over 18 years old.

Zango officials said one of its developers had created a MySpace profile containing video clips requiring a download of the adware before the content could be viewed. The developer was unaware of Zango’s policy not to market the adware on MySpace, said Zango spokesman Steve Stratz.

Other sites have sprung up offering content that MySpace users can add to their profiles that also requires a Zango download.

Some hackers have found darker ways to make money from Zango’s affiliate program, exploiting security flaws in order to install Zango software on other people’s computers.

A former hacker, who says he no longer distributes Zango software illegally, said his friends still make $5,000 to $8,000 a month spreading Zango through networks of commandeered computers, called botnets.

“I still have friends milking [Zango] for every penny they got,” said the former hacker close to Jeanson James Ancheta, an American hacker who was sentenced to 57 months in federal prison in May. Ancheta was indicted for illegally controlling a network of bots to install adware, among other things.

Smith said fewer than 1 percent of Zango installations today are unauthorized, but “we know that we are not going to be able to stop 100 percent of the hackers out there.” If a user complains to the company about unauthorized installations, it can cut off payment to the distributors responsible, tracing them by their affiliate number, he said.

Users are asked three days after the Zango software is installed if they want to remove it. But even if the user uninstalls Zango, “the money has already been made,” the former hacker said.

While Zango may be able to identify large-scale botnet installations, “if you mix legit installs with botnet installs, they never notice a thing,” he said.

Ben Edelman, a malware researcher and doctoral candidate at Harvard University, created a video documenting an unauthorized installation in February. Edelman, a longtime Zango foe, said he no longer contacts the company when he finds instances of rogue installations.

“They’re still doing business with bad guys who want to put the software on users’ computers without the users agreeing,” Edelman said. “So long as that’s the case, the distributors have every incentive to hack the system to get paid.”

The Center for Democracy and Technology (CDT) has a case pending before the U.S. Federal Trade Commission to investigate Zango’s business, alleging the company has engaged in deceptive practices to get users to download the software.

“It seems as though they are more concerned with getting installations than making sure people actually want their software,” said Ari Schwartz, deputy director of the CDT.

Smith disagrees with the CDT. “We think in this particular case they’re misunderstanding our software and our intentions in what we do,” he said. “We are doing our best to educate them.”

Criticism and investigation hasn’t slowed Zango. The company acquired Hotbar.com, another adware maker based in Israel, in June. Smith seems buoyant about a business that supports what he calls the “content economy,” enabling content creators and publishers to drive Web traffic and make money.

Smith won’t disclose Zango’s recent revenue. The company reported $53 million in revenue in 2004.

Zango recently sealed a deal for content with Warner Bros., an arrangement Smith said involved scrutiny of the company’s business practices.

Meanwhile, the CDT has sought out advertisers and found many are unaware their ads were being served by adware due to complex chains in how ads are purchased, Schwartz said. The CDT is investigating the overall advertising sales structure in how adware is funded and will soon publish a report, he said.

Advertisers, however, “say Zango is a great secret,” Smith said. The software, he said, is “absolutely critical to the health and well-being and success of the Internet long term.”

-Jeremy Kirk, IDG News Service (London Bureau)

Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.