Recent reports highlight the ill behavior of the Web Security Giant, AVAST, which had been gathering the web-browser data of millions of worldwide users. According to analyzed reports, Avast is not only gathering this sensitive data, but also selling the same to several marketing firms and companies for bulky financial gains.
As per data, AVAST is installed on above 400 million devices worldwide including PCs, Macs, mobile, devices and smartphones. It is gathering all the sensitive data through browser plugins and is selling the same to several third parties including well known global giants like Microsoft, Google and many more.
“Clientele included names of the global giants like Yelp, Pepsi, Google, McKinsey, Microsoft, Home Depot”, the report from joint investigation of Motherboard and PCMag claimed.
Investigating partners Motherboard and PCMag have been digging into this scenario for some time. It was found out that the entire sale between Avast and the clients was kept confidential.
The leaked data and documents were collected from the subsidiary of Avast called Jumpshot. Jumpshot was involved in repackaging the data, converting it into different products, and then selling the same to clients.
Some clients were particularly interested in the ‘All Clicks Feed’ and some just wanted to have the entire data of millions of users worldwide. According to records, a transaction of above $2 million was made by a marketing firm just for data access.
Ondrej Vlcek, Avast CEO said that the company promptly acted in December 2019 to ensure that they are meeting all the requirements for browser standards and now claim to be compliant with the browser extension for online security protocols.
“Using any type of user data from the browser extensions was ceased and it was just for the sake of following the protocol with our core security engine and sharing the same intel with our subsidiary Jumpshot. Nothing else”, Ondrej said.
“Our Jumpshot does not gather any critical data of any user such as age, name, alias, personal intel or contact number”. Users have always been able to decide for themselves if they want to opt-out of sharing their data with Jumpshot. We are in the process of giving our users a choice to opt-in or opt-out. All the new downloads of the products will have an agreement and it will be up to the customers to opt-in or opt-out for sharing the data with Jumpshot. This process will be completed in Feb 2020”, Vlcek added.
According to the investigation, it was also reported that Avast recorded the porn videos, acquired the number of clicks to different porn sites, gathered the date and time of the visits, keep a track of search terms, key strings and kept copies of the entire browsing history at some points.
Millions of Avast users who are now concerned and feel helpless have expressed their grief to Motherboard and PCMag. Users of this application were not aware of this whole scenario about Avast and Jumpshot, keeping a track of their browsing data and acquiring the same.
Diving deep into the investigation confirmed that, Avast is still stealing the data, but this time, it is not using those typical browser plugins or Jumpshot, but through the software itself. PCMag and Motherboard still remain vigilant.