back to article Avast shells out $17M to shoo away claims it peddled people's personal data

Avast has agreed to cough up $16.5 million after the FTC accused the antivirus vendor of selling customer information to third parties. The US regulator filed [PDF] a lengthy complaint against Avast regarding its use and alleged misuse of customer data. The security shop collected people's info through its browser extensions …

  1. Anonymous Coward
    Anonymous Coward

    OK

    Time to change AV vendor (again)

    1. David 132 Silver badge
      Thumb Up

      Re: OK

      It does rather seem to be an inevitable rule of the IT industry that all AV products turn to sh!te sooner or later.

      Waaay back in the day, I used to use Norton. That got more and more bloated, and when it reached the point that the product was worming its tentacles into my system far deeper and more damagingly than any likely virus infection, I moved to AVG.

      That in turn suffered its own enshittification - becoming bloated and succumbing to creeping featurism.

      TBH these days on my remaining Microsoft boxes I just run with Windows Defender. Of mixed efficacy it may be, but at least it's pretty lightweight and still (mostly) tame-able.

      1. Anonymous Coward
        Anonymous Coward

        Re: OK

        Norton AV was always shit, like most AV products aimed at consumers, all the way back to the '90s. People bought it because back then Norton still had a great reputation it build mostly through its suite of system tools (Norton Utilities).

        But yes, AV tools are pretty much all more or less crap, and if you're on Windows and can't/don't want to pay for something decent like Crowdstrike or SentinelOne then Defender is still a better option than any of the traditional AV products.

      2. Sudosu Bronze badge

        Re: OK

        With the added benefit that Microsoft probably already has all of your browsing history and everything else on your computer already.

    2. Smirnov

      Re: OK

      I'm not sure I can feel sorry for Avast users who got caught out by this, after all this isn't the first time Avast has misappropriated user data (they have a solid trac record of getting caught, apologizing and after a short while doing it again), so anyone who is still using them clearly hasn't paid attention.

      Which is a pretty poor thing to do especially when it comes to chosing software that's supposed to protect you and your systems.

      1. MrDamage Silver badge

        Re: OK

        Remind me to have fuckall sympathy for you whenever you get taken for a ride.

        1. Smirnov

          Re: OK

          So you think it's too much to ask to do a quick search on your favorite search engine before entrusting your personal data to a piece of security software?

          Do you also provide your credit card details to strangers?

  2. xyz123 Silver badge

    Does anyone still use AVAST these days? Now owned by a shady AF chinese firm that is thoroughly and utterly conntrolled by the CCP in Bejing.

    Avast installers are pre-bundled with extremely nasty malware that drops its own payloads AND opens doors to remotely contact botnet servers and download even more horrific stuff.

    Basically you install ANY Avast version in 2024, you've just ended your entire networks security and given complete control of your PC to the chinese government.

    Why would anyone do this?

    1. Anonymous Coward
      Anonymous Coward

      That is actually wrong information. Avast is not owned by the Chinese government. It is a publicly traded company, part of "Gen Digital" (NASDAQ: GEN).

      https://press.avast.com/nortonlifelock-completes-merger-with-avast

      It should be obvious. Norton (consumer) & Symantec (enterprise) shared the same endpoint security technologies under the hood. Completely different wrappers, interfaces, and use cases though. When Norton & Symantec split, the IP went to Symantec and Norton had to eventually find new technology somewhere else.

    2. Anonymous Coward
      Anonymous Coward

      You mean that you're worried your made in China PC is controlled by the Chinese government only after you install Czech software ?

      Okay then.

    3. Sub 20 Pilot

      And this is different to all the US based companies who do exacty the same ? This site gets more MAGA like and trumpian by the week.

  3. Marty McFly Silver badge
    Mushroom

    Always a money grab...

    A company screws up. The government goes after them financially. Rather than compensating the affected consumers, the government keeps the money.

    The plaintiff is also the judge and the jury. It just screams conflict on interest to me. This one fine probably justified the existence paid the salary of a dozen bureaucrats this year. I am tired of watching the government claiming they are protecting people, but all they doing is protecting their own self-interests.

    Don't get me wrong... A company screws up, and they should be penalized. But the money should go to the victims, not the government coffers.

  4. AndrueC Silver badge
    Unhappy

    I still get spam sent to my dedicated Avast email address. I pointed this out on their forums when it first started many years ago but I was 'shouted down' and told that there were many valid reasons why an email address that included the text '.avast' could've been found by spammers even though I was not receiving spam from anywhere else.

    Leaked or sold..they had clearly violated my privacy.

    1. Alan Brown Silver badge

      I have a habit of reviving such threads with pointers to these kinds of cases

      It just helps a little when someone uses a search engine in future

  5. Rich 2 Silver badge

    Avast has not, however, admitted guilt

    Of course, nobody ever thinks twice about giving away $17M to settle something they absolutely no-way not-never ever did

    So as well as being crooked, they are demonstrably bare-faced fibbers too

    1. Sub 20 Pilot

      Re: Avast has not, however, admitted guilt

      I think we have a ''prince'' that did just that?

      The grand old duke of york,

      he had twelve million quid,

      and then he gave it all away

      for something he never did.

  6. anthonyhegedus Silver badge

    Used to really rate Avast highly

    When I started servicing consumer computer users back in 2003, I evaluated several AV products, and found Avast came out very well. The free version was actually good, and the paid versions really did a some valuable things. But some time around 2011 or so, they changed. The free version kept advertising the paid-for versions. The paid-for versions kept advertising the higher-up paid-for version, and the ‘premium’ version kept advertising other products. It quickly became clear that they started to grow massively as a company, but not because they were any good.

    One of the ‘products’ they pushed was a ‘secure browser’ extension that purportedly protected you by giving you better deals on stuff. So when you searched for a price on something, it replaced search results and prices with their own affiliate advertisers’ prices!

    Eventually, this became an ‘Avast secure browser’ and at that point it started to become ‘evil’. The bought AVG, they merged with Norton - and we all know what Norton was positioned at in the market.

    We stopped servicing home users in 2012, and now we’re pushing EDR on to our customers.

  7. Anonymous Coward
    Anonymous Coward

    PSAFE

    Avast has also been harvesting user data through a "confidential collaberator" {their words) through a Brazillian company called PSAFE through their mobile and desktop "DFNDR" apps.

    The DFNDR mobile app uses Avast's software and has been tricking millions of users into installing the app through the use of fake virus warnings in push notifications that mimic system alerts.

    It has been using the fake virus warnings since 2013 and tricks people into accepting the malicious push notifications by clicking on fake CAPTCHAS or fake media browser buttons through a javascript embedded in hundreds of websites that detect mobile devices.

    When I reached out to Avast through their online user forums it took them almost a month before they finally admitted their partnership with the Brazillian company.

    After exposing the fraudulent virus warnings on the Avast user forums I was given a lifetime ban without warning for my troubles.

    I reached out to the FTC's online reporting website to report Avast's collaberation with PSAFE so that their DFNDR users can also be notified if their data was also harvested for Avast's Jumpshot program

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like