Company type | Private |
---|---|
Industry | Adware |
Founded | 1999 |
Defunct | 2009 |
Headquarters | Bellevue, Washington, USA |
Key people | Keith Smith, co-founder and Chief Executive Officer |
Products | Adware |
Revenue | Undisclosed |
Number of employees | ~100 |
Website | www.zango.com |
Zango, (also letter case zango), formerly ePIPO, 180solutions and Hotbar, was a software company that provided users access to its partners' videos, games, tools and utilities in exchange for viewing targeted advertising placed on their computers. Zango software is listed as adware by Symantec, and is also labeled as a potentially unwanted program by McAfee. Zango was co-founded by two brothers: Keith Smith, who served as the CEO; and Ken Smith, who served as the CTO.
In April 2009 Zango ceased trading after its banks foreclosed. However, As of April 2010 [update] , Hotbar, Seekmo, and ZangoCash, formerly owned by Zango, continue to operate as part of Pinball Corporation.
Zango's consumer website asserted that the company was "committed to creating a content economy built on a foundation of safe and ethical practices by protecting consumer privacy while offering a fulfilling and high-value content experience." It provided targeted advertising [1] in return for partner companies' content such as sports, comedy, dance, erotic videos, online games, and screensavers. [2] Warner Bros. and others had provided content, but WB terminated [3] its business relationship with Zango after concerns were raised that children viewing Warner Bros. content could be exposed to advertisements for pornography. [4]
StopBadware.org lists a number of undesirable behaviors associated with Zango Easy Messenger, including "behaves as spyware", "automatically runs on startup", "displays pop-up advertisements", "installs adware", and "bundled software cannot be closed". The same site states, "We find that Zango Easy Messenger is not badware, although it does engage in behaviors that users should be aware of." [5]
Websense has a Zango-related security advisory dated November 2006, stating that "Websense Security Labs has discovered a number of user pages on the MySpace domain which have videos that look like they are from YouTube. The videos have an installer embedded within them for the Zango Cash Toolbar. When users click on the video, they are directed to a copy of the video, which is hosted on a site called 'Yootube.info.' ... the video downloads and attempts to install setup.exe from Zango Cash." [6]
A more detailed analysis of this attack, according to one website, is that "Zango continues numerous practices likely to confuse, deceive, or otherwise harm typical users as well as practices specifically contrary to Zango's obligations under its November 2006 settlement with the FTC." These include failure to include on-screen disclosure of material terms, widespread in-toolbar ads without labeling and hyperlinks, ads for "bogus sites that attempt to defraud users", and third party installations without disclosure. [7]
Zango software is listed as adware by Symantec. [8] Computer security company McAfee said in 2005 "this program may have legitimate uses", but described it as a "potentially unwanted program" and an "adware downloader." [9] Automated analysis by McAfee SiteAdvisor in May 2008 reports "629 red downloads" and that during testing, McAfee "found downloads on this site that some people consider adware, spyware or other potentially unwanted programs." [10]
Keith and Ken Smith, the CEO and CTO respectively, founded ePIPO in 1999. [11] It was one of the first "pay-to-surf" companies, following in the footsteps of AllAdvantage. This business model paid users a minimal amount to surf the Internet while running an application that showed banner ads. Users could also make money by referring new users.
After enjoying brief success, the pay-to-surf business model declined with the bursting of the dot-com bubble in 2001. The company, which changed its name to 180solutions, adjusted their technologies in several ways:
From 2002 to 2005, 180solutions' applications—such as ncase and 180SA (search assistant)—were distributed via various affiliates. While these affiliates were required by the 180solutions contract and by law to obtain the permission of the user prior to software installation, many did not, resulting in millions of illegal non-consensual installs. Many other affiliates notified users only via the end user license agreement, resulting in millions more arguably legal but essentially non-consensual installs.
180solutions' software showed pop-up ads while a user was surfing the Internet. This software was often bundled with freeware which the user intentionally installed; since permission to install the 180solutions adware was typically hidden in an EULA, most users were unaware they were installing adware. In some cases 180solutions' software was installed as a standalone install. Using this method, an ActiveX prompt simply asked the user to install the software so that they could receive "comparison shopping advertisements." 180solutions contended that the value of the bundled software or the advertisements made up for the inconvenience of the pop-up ads. The value of this trade-off was contested by critics of the adware business model.
In 2004, Benjamin Edelman, assistant professor at Harvard Business School and spyware researcher, analyzed the network behavior of 180solutions applications and claimed they redirected commissions to themselves that were properly due to affiliates, and additionally caused merchants to pay commissions when affected users clicked on merchant sites directly. [12] During this time, 180solutions' applications were designed to be difficult to uninstall, requiring the user to download an additional uninstall application made by 180solutions or to use an adware removal tool. In 2005 the software uninstall was standardized to use Windows' "Add or Remove Programs" function, making it easy to uninstall.
In 2005, 180solutions implemented a number of initiatives to control the distribution of its software and eliminate non-consensual installs. In March, they acquired one of their distribution partners, a Canadian company called CDT (dba LoudCash, giving them direct visibility into and greater control of many of the formerly "third party" distributors. In June, 180solutions claimed to have re-notified users on its 20-million-user customer base, and implemented a program that notifies all users within 72 hours of install and re-notifies all users every 90 days thereafter. By August, they had filed suit against seven individuals alleged to have illegally distributed its software using a botnet. In November, 180solutions announced an ongoing partnership with the FBI in breaking up a botnet ring in the Netherlands. In December, the company ended distribution of the 180SearchAssistant and closed LoudCash, a remnant from the CDT acquisition.
Despite the initiatives of 2005, 180solutions admitted that it was possible for malicious parties to hack their install routines and thus cause fraudulent installs. [13] They claimed that the percentage of fraudulent installs had dropped from over 10% to under 1%. Critics considered that the business model was untenable because fraud against 180solutions which harmed unknowing users via non-consensual installs could never be completely removed. [14]
In early 2008, security researchers at Fortinet reported, incorrectly, that the rapidly spreading Facebook widget "Secret Crush" was enticing users to download Zango adware by promising to identify a secret admirer. [15] Zango denied any involvement with the widget, and further investigation by an Infoworld senior writer showed that the Fortinet report was incorrect. [16]
On June 16, 2008, the company laid off 68 of its approximately 200 employees; Executive Vice President of Corporate Development York Baur, company co-founder Chief Technology Officer Ken Smith, and company co-founder Chief Information Officer Doug Hanhart also left. Zango said it was narrowing its focus to concentrate on its new product Platrium, a "casual gaming experience" that showed targeted ads, shopping comparisons and search suggestions based on keywords from the user's Internet browsing. [17] [18] On December 15, 2008, Zango closed their Tel Aviv office, which had been the Hotbar headquarters before Hotbar and 180solutions merged, thereby laying off another 50 employees. [19]
In a personal bankruptcy filing following a January 2009 $4.6 million judgment in favor of a former employee, Zango's CEO stated that the company was in default to a bank consortium for over $44 million. [20] On April 20, 2009, industry magazine Computerworld reported that Zango had become defunct. A spokesman for video search engine company Blinkx said that although Blinkx had purchased some of Zango's technical assets such as servers, Zango was shut down after the consortium foreclosed. [21] [22] 100% of Zango's assets were sold to Blinkx, in what the Zango CEO characterized as a "fire sale". [23] When asked about employees, a Blinkx spokesman said "As Zango was insolvent, we believe all the employees were laid off." While technically true, the majority of Zango employees were immediately hired by Blinkx. [20] It was later announced that ZangoCash was to become Pinball Publisher Network, part of the Pinball corporation, though it would still be operating under its own name with no change to its services. This corporation was 100% owned by Blinkx [24]
On January 23, 2006, a public advocacy group filed two official complaints with the Federal Trade Commission. The Center for Democracy and Technology complaints charged 180solutions with engaging in unfair and deceptive business practices, deliberately duping Internet users into downloading intrusive advertising software. [25]
The same year, the Federal Trade Commission charged Zango with "Deceptive Failure to Disclose Adware", "Unfair Installation of Adware", and "Unfair Uninstall Practices" in violation of the Federal Trade Commission Act. [26] Since the FTC ruling, security researchers continued to find Zango involved in problematic installs. In November 2006, Zango settled this complaint, via a consent decree with the FTC, without formally admitting guilt. In the words of the Federal Trade Commission press release, "Zango, Inc., formerly known as 180solutions, Inc., one of the world's largest distributors of adware, and two principals have agreed to settle Federal Trade Commission charges that they used unfair and deceptive methods to download adware and obstruct consumers from removing it, in violation of federal law. The settlement bars future downloads of Zango's adware without consumers' consent, requires Zango to provide a way for consumers to remove the adware, and requires them to give up $3 million in ill-gotten gains." [27] These restrictions were to remain in force for twenty years, and the agreement also requires respondents Keith Smith and Daniel Todd to notify the FTC of the discontinuance of their current business or employment, or of their affiliation with any new business or employment, for ten years. [28] In July 2007, Edelman said, "Zango continues numerous practices likely to confuse, deceive, or otherwise harm typical users as well as practices specifically contrary to Zango's obligations under its November 2006 settlement with the FTC." [29] [30]
In September 2005, attorney Shawn Collins filed a class action lawsuit against Zango on behalf of three plaintiffs, alleging that Zango deceptively installed spyware on more than 20 million personal computers. The company said its software was voluntarily installed by users who downloaded premium content in exchange for their consent to view advertisements relevant to what they searched for online. During pre-trial discovery, the parties agreed to a dismissal with prejudice, meaning that the suit cannot be brought again by the same complainants. Each side agreed to pay its own fees and expenses. [31] [32] [33]
In 2005, Zango sued Zone Labs for labeling it as spyware. [34]
In May 2007, [35] Zango filed a lawsuit against PC Tools alleging tortious interference with its business and trade libel, because the PC Tools product Spyware Doctor at that time classified Zango software as malicious and removed it without informing users. [36] [37] Zango dropped the suit after the judge ruled that the suit was "unlikely to succeed on the merits of any of its three causes of action" and refused to grant Zango a temporary restraining order. [37] [38]
Also in May 2007, Zango filed in the same court a similar lawsuit against Kaspersky Lab, accusing it of tortious interference, trade libel and unjust enrichment for blocking the installation of Zango software. Kaspersky defended itself by invoking the Communications Decency Act (CDA), saying it was immune from civil liability based on the paragraph of the CDA headed "Protection for 'Good Samaritan' blocking and screening of offensive material". The judge agreed, granting Kaspersky's motion for summary judgment. [39] [40] [41] In 2008, Zango appealed against the ruling. [42] As of April 2008, the National Business Coalition for E-Commerce and Privacy was supporting Zango in the appeal. [43] In June 2009 the court ruled that Kaspersky could not be held liable for any actions it took to manufacture and distribute the technical means to restrict Zango software's access to others. [44] [45]
Unusual methods of installation and operation have evolved as software such as Zango is targeted to run on a broader mix of applications and platforms. Zango has stated on their website that any Zango "application" can be completely uninstalled by using the Microsoft Windows "Add or Remove Programs" function. However, Zango may appear as a browser plug-in or in some other form which cannot be removed by the officially recommended procedure.
Utilities exist for the purpose of detecting, and in some cases removing Zango and similar software. Some software advisers have recommended that people seeking to remove Zango-like software from their computers search for instructions specific to their particular platform, application, and installation.
Hotbar (also known as HbTools) is a plugin for Internet Explorer, Microsoft Office Outlook and Outlook Express produced by Zango; as of August 2010 [update] Hotbar has closed distribution, but is still available to those who still have the installer. From version 10.2 on, it identifies itself as belonging to Pinball Corp. [46] Hotbar adds a toolbar and the option of extra skins to these programs. It also allows the user to add emoticons to emails created in Outlook or Outlook Express and to check weather reports. Its major revenue comes from the use of pop-ups displayed according to a user's behavior and current URL. The application can show over 15 pop-ups a day, depending on how much Internet browsing has occurred. The last reported usable version is 10.0.357.0, dated October 9, 2007. Currently, it often self-updates to a later version that deactivates the toolbar and Outlook components (as it is completely incompatible with all versions of Internet Explorer after IE7, along with all Windows Mail and Windows Live Mail products), rendering it useless.
Hotbar as supplied by Zango had an option to turn off the advertisements, for a fee. The fee-based Premium access also unlocked certain content beyond the preview stage in Hotbar's utilities. Grandfathered version 4 Premium accounts had unlimited access, as long as the activation link supplied when purchased was saved. Version 4 of Hotbar is no longer usable, as all content is accessible only to version 10. 365-day accounts were sold, valid only for the Hotbar toolset; if Zango was installed alongside Hotbar Premium. In the overlaid installation, Zango's but not Hotbar's, advertising was shown. Hotbar no longer has premium access available for purchase, so all Premium content is not currently usable. Premium assets may be accessed through examination of linking and related code and insertion into use. Zango itself did not offer Premium access. As of April 2010 [update] Hotbar's website does not mention Premium access.
Hotbar is an example of adware due to its banner advertising and use of pop-up windows. The user's browsing habits are also sent to the Hotbar servers with a unique user ID which allows a user's browsing habits to be tracked over an extended period. Spyware researcher Benjamin Edelman defined Hotbar's problems:
Promoting Hotbar advertising software at sites targeting kids, using banners with smiley faces but without mention of ads. Failing to affirmatively show a license agreement, and burying advertising terms so many screens into the license and below such counterintuitively-labeled section headings that users cannot reasonably find the key provisions. First affirmatively mentioning advertising on a screen that offers no Cancel button for users to decline the installation. And ultimately bombarding users with ads in pop-ups, web browser toolbars, Windows Explorer toolbars, auto-opening sidebars, and even desktop icons. [47]
In 2005–2006 Hotbar.com started sending cease and desist letters to security companies which defined Hotbar as "malware". As a countermeasure, Symantec successfully sued Hotbar.com to get clear right to put it in their "low risk adware"-category. [48]
Hotbar can be detected and removed by several anti-spyware and anti-virus programs, including Windows Defender, Spybot - Search & Destroy, Nod 32, and Norton AntiVirus. However, some utilities do not remove Hotbar completely and leave Windows registry keys and files behind. [49]
Seekmo is an adware program by Zango that claimed to be a free tool to provide content such as mp3 files, screen savers, and videos. Seekmo can pop up advertisements even when users have pop-up blockers on their computers, and monitors computer usage to generate ads that users are more likely to respond to. In the process, the program can consume processing power and network bandwidth, slowing down the computer and interrupting other programs. Upon downloading a Seekmo-containing file, license acquisition will begin and the program (Windows Media Player, for example) will display a window describing the content and what Seekmo is. Upon clicking "Accept", it will automatically send a file for download called "Setup.exe". After downloading this file users must install the Seekmo Toolbar, which will display advertisements related to the websites visited. As of August 2011 [update] Seekmo is still available, and identifies itself as belonging to Pinball Corp.; [50] operation may no longer be as described above.
Zango Messenger is an adware-containing adaptation of the instant messaging client Easy Message. Originally developed by Ryan Dewsbury, it was acquired by Zango in February 2005. It connects to the AIM, Yahoo! Messenger, MSN Messenger and ICQ networks.
Adware, often called advertising-supported software by its developers, is software that generates revenue for its developer by automatically generating online advertisements in the user interface of the software or on a screen presented to the user during the installation process. The software may generate two types of revenue: one is for the display of the advertisement and another on a "pay-per-click" basis, if the user clicks on the advertisement. Some advertisements also act as spyware, collecting and reporting data about the user, to be sold or used for targeted advertising or user profiling. The software may implement advertisements in a variety of ways, including a static box display, a banner display, a full screen, a video, a pop-up ad or in some other form. All forms of advertising carry health, ethical, privacy and security risks for users.
Spyware is any software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's security, or other means. This behavior may be present in malware and in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected.
Morpheus was a file sharing and searching peer-to-peer client for Microsoft Windows, developed and distributed by the company StreamCast, that originally used the OpenNap protocol, but later supported many different peer-to-peer protocols. On April 22, 2008, distributor StreamCast Networks filed for Chapter 7 bankruptcy after a long legal battle with music companies; all of their employees were laid off and the official download at www.morpheus.com stopped being available, though for a small period the website remained online. As of October 29, 2008, the official Morpheus website is offline, including all other websites owned by StreamCast Networks, specifically MusicCity.com, Streamcastnetworks.com and NeoNetwork.com.
Claria Corporation was a software company based in Redwood City, California that invented “Behavioral Marketing”, a new form of online advertising. It was founded in 1998 by Denis Coleman, Stanford MBA Sasha Zorovic, and engineer Mark Pennell, based on work Zorovic had done at Stanford. In March 1999 Jeff McFadden was hired as CEO and Zorovic was effectively forced out.
BonziBuddy was a freeware desktop virtual assistant created by Joe and Jay Bonzi. Upon a user's choice, it would share jokes and facts, manage downloads, sing songs, and talk, among other functions, as it used Microsoft Agent.
Spybot – Search & Destroy (S&D) is a spyware and adware removal computer program compatible with Microsoft Windows. Dating back to the first Adwares in 2000, Spybot scans the computer hard disk and/or RAM for malicious software.
Cydoor is a spyware and adware first detected in 2003.
Yahoo! Native is a native "Pay per click" Internet advertising service provided by Yahoo.
Norton AntiVirus is an anti-virus or anti-malware software product founded by Peter Norton, developed and distributed by Symantec since 1990 as part of its Norton family of computer security products. It uses signatures and heuristics to identify viruses. Other features included in it are e-mail spam filtering and phishing protection.
PDFCreator is an application for converting documents into Portable Document Format (PDF) format on Microsoft Windows operating systems. It works by creating a virtual printer that prints to PDF files, and thereby allows practically any application to create PDF files by choosing to print from within the application and then printing to the PDFCreator printer.
RhythmOne plc, previously known as Blinkx, and also known as RhythmOne Group, is an American digital advertising technology company that owns and operates the web properties AllMusic, AllMovie, and SideReel.
Browser hijacking is a form of unwanted software that modifies a web browser's settings without a user's permission, to inject unwanted advertising into the user's browser. A browser hijacker may replace the existing home page, error page, or search engine with its own. These are generally used to force hits to a particular website, increasing its advertising revenue.
Christopher Boyd, also known by his online pseudonym Paperghost, is a computer security researcher.
Messenger Plus! is an add-on for Windows Live Messenger and Skype. The software provides additional functionality to Microsoft's Instant messaging client, Windows Live Messenger, by adding its own controls to the main interface. These controls affect Messenger's behaviour and appearance, often through additional dialog boxes.
Rogue security software is a form of malicious software and internet fraud that misleads users into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool that actually installs malware on their computer. It is a form of scareware that manipulates users through fear, and a form of ransomware. Rogue security software has been a serious security threat in desktop computing since 2008. An early example that gained infamy was SpySheriff and its clones, such as Nava Shield.
Viewpoint Media Player (VMP) is a browser graphics rendering plug-in originally produced by Viewpoint Corporation, a subsidiary of the marketing company Digital Generation, Inc.. A predecessor of VMP is the browser plug-in MetaStream from the once acquired company MetaCreations.
Movieland, also known as Movieland.com, Moviepass.tv and Popcorn.net, was a subscription-based movie download service that has been the subject of thousands of complaints to the Federal Trade Commission, the Washington State Attorney General's Office, the Better Business Bureau, and other agencies by consumers who said they were held hostage by its repeated pop-up windows and demands for payment, triggered after a free 3-day trial period. Many said they had never even heard of Movieland until they saw their first pop-up. Movieland advertised that the service had "no spyware", and that no personal information would need to be filled out to begin the free trial.
Download Valley is a cluster of software companies in Israel, producing and delivering adware to be installed alongside downloads of other software. The primary purpose is to monetize shareware and downloads. These software items are commonly browser toolbars, adware, browser hijackers, spyware, and malware. Another group of products are download managers, possibly designed to induce or trick the user to install adware, when downloading a piece of desired software or mobile app from a certain source.
A potentially unwanted program (PUP) or potentially unwanted application (PUA) is software that a user may perceive as unwanted or unnecessary. It is used as a subjective tagging criterion by security and parental control products. Such software may use an implementation that can compromise privacy or weaken the computer's security. Companies often bundle a wanted program download with a wrapper application and may offer to install an unwanted application, and in some cases without providing a clear opt-out method. Antivirus companies define the software bundled as potentially unwanted programs which can include software that displays intrusive advertising (adware), or tracks the user's Internet usage to sell information to advertisers (spyware), injects its own advertising into web pages that a user looks at, or uses premium SMS services to rack up charges for the user. A growing number of open-source software projects have expressed dismay at third-party websites wrapping their downloads with unwanted bundles, without the project's knowledge or consent. Nearly every third-party free download site bundles their downloads with potentially unwanted software. The practice is widely considered unethical because it violates the security interests of users without their informed consent. Some unwanted software bundles install a root certificate on a user's device, which allows hackers to intercept private data such as banking details, without a browser giving security warnings. The United States Department of Homeland Security has advised removing an insecure root certificate, because they make computers vulnerable to serious cyberattacks. Software developers and security experts recommend that people always download the latest version from the official project website, or a trusted package manager or app store.