Well, hello there! I don’t think we’ve been properly introduced. I’m Bonzi.
For some folks, the above may trigger memories of an animated purple gorilla that told the occasional joke and helped them surf the web. For others, those words may be a reminder of what felt like the beginning of the end for their computer after installing it.
In the early 2000s, spyware—malicious software, sometimes referred to also as adware, that collects information about a person without their consent—was as pervasive as velour tracksuits, scandalous tabloid magazines, and low-rise jeans.
“It was normal for almost everyone that was going to the internet to be at some point infected or annoyed by these things,” said Luis Corrons, a security evangelist at Gen.
BonziBuddy was arguably a poster child for early spyware programs. The intelligent software agent, which was free to download, masqueraded as an innocent tool that could assist users with basic tasks such as calendar reminders. However, the software would soon cause issues for users, like Malwarebytes co-founder and CEO Marcin Kleczynski, who downloaded the cartoon personal assistant for fun. Then it overstayed its welcome.
“It was very annoying,” Kleczynski said. “You could not get rid of it. You could not uninstall it very easily. It kept changing your browser settings. It kept feeding you advertisements. And at some point, I just didn’t know what to do.”
BonziBuddy, which faced several legal battles over the years for deceptive ads and tracking underage users, was just a drop in the ocean of spyware that was being encountered by internet users. Alex Eckelberry, CEO of security software company Sunbelt Software in the early 2000s, recalled finding a slew of “garbage” spyware software on a neighbor’s computer as a result of her kids being on the internet.
“The browsers were not as secure as they were today and people could get tricked into installing stuff,” he said.
The malicious software also got a hold of more savvy computer users. Ben Edelman, who was a Harvard Law School student at the peak of the spyware craze, told IT Brew that spyware software often used deceptive tactics to attract victims.
“We found some where it would install even if you said no,” Edelman said. “The ‘I disagree’ or ‘I reject’ button wasn’t wired up properly, and it would still install.”
Edelman, now a founder of his own consulting firm, told us he was able to uncover defects in Internet Explorer 6, one of the most popular browsers at the time, that allowed malicious actors to run a security exploit allowing web pages to install software on a user’s computer without their consent.
“Everyone knew there was such a thing as a security exploit, but was anyone actually using the security exploits to install adware?” Edelman said. “Well, I proved that the answer [was] yes.”
For some users, spyware was a nuisance because it slowed down their machines. For others, the malicious programs posed a major privacy risk. Eckelberry in a February 2005 blog post opined what he believed was the core problem with adware and spyware programs.
“It’s no longer your machine, it’s the advertisers,” Eckelberry wrote. “Is that bad? Is that wrong? Not necessarily. But our position is clear: The user needs to know that this stuff is on their system.”
The spyware warriors. By 2004, spyware had caused the internet to become the wild, wild west. An online safety study conducted by AOL and the National Cyber Security Alliance that year found that 80% of the 329 dial-up and broadband adult computer users queried in its survey had spyware or adware installed on their computer and only 53% of those individuals were aware of it.
Initially, regular people took matters into their own hands to put a leash on the spyware plague. Eric Howes, now a threat analyst at KnowBe4, was one of them. At the time, Howes was an adjunct instructor by day and a spyware connoisseur on forums like Spyware Warrior by night.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
“I wrote a number of long, long blog posts with screenshots illustrating how the software gets installed and so on and so forth,” he said.
Howes, who was later recruited by Eckelberry to work at Sunbelt, told us that people providing assistance to others during this time were largely volunteers.
“This is one of the interesting things about the fight against [spyware],” Howes said. “Until the Nortons and McAfees and what have you jumped in, it was really a grassroots effort that rose up to battle the scourge of adware and spyware.”
Howes told IT Brew that the online helpers even began to build their own tools to help ward off spyware on infected devices.
Edelman was an early spyware defender on the frontlines. He told IT Brew that he began writing profusely about the matter after providing an expert declaration in a lawsuit against Gator, a notorious adware company.
“I think I dropped a new article every Monday,” Edelman said. “I called it the ‘Misleading installation of the week.’”
While security companies were “asleep at the switch,” Edelman said he willingly took on the brunt of exposing large adware and spyware players, even if it had legal implications.
“I didn’t mind the risk of someone suing me because I knew that I was in the right,” Edelman said. “I knew I could prove it.”
Small security firms also stepped up to the plate. Eckelberry said that Sunbelt, a small Tampa Bay, Florida-based company, became a “national name” because of its role in helping to fix infected devices, while also educating the public through its blog. Sunbelt was acquired by GFI Software in 2010.
“The antivirus companies—Trend, McAfee, Symantec—they were caught flat footed,” Eckelberry said. “They did not have the technology to deal with this.”
Eckelberry added that Malwarebytes, formed by Kleczynski in 2008, was a notable player at the time.
“They were the best at removing stuff,” Eckelberry, a former board member of the cybersecurity company, said. “They could remove anything.”
End of an era. Edelman said that the legacy security vendors eventually “woke up to the work that their users expected them to do.”
“Both Symantec and McAfee began providing excellent protection against adware. Microsoft began building it right into Windows,” Edelman said. “Windows Defender comes with every copy of Windows to this day.”
He added that his blog posts, which included analyses of how companies like Expedia funded adware programs, helped to expose advertisers who used inappropriate advertising practices and made it harder for them to stay in business.
“Some of these companies, when they saw what I wrote up on my website, they were horrified,” Edelman said.
Roughly two decades later, Howes said the practices of the adware industry have been “ubiquitous” in today’s world, as internet users now expect some form of surveillance and data gathering when they go online.
“All the big social media programs are built on that business model: privacy, invasive data gathering, and monetization of that privacy,” he said.
However, the security professional still thinks fondly of the work he and others have done to protect users in the early days of the internet.
“In the rear-view mirror, some of the battles that we fought—Alex and Ben and I and plenty of other people—look a little quaint right now, which does not mean that I have doubts about the justice of the fights that we did,” Howes said. “I still feel very good about what we did.”