Bit Defender replacing search ads - with it's own ads~!

I just installed Bit Defender to test it, and was a bit put off by how it replaces web advertisements - with it's own ads.. Of course, that happens with their search advisor enabled.

Personally, I think this is a low ball move, and has really put me off on the product. I know it's not a serious thing security wise, but it seems a bit sleazy overall. See the screenshots below, first one with Bit Defender search advisor on, second with it off.. Note the replacement of all advertising on the page.

Thoughts? To me this is manipulation, and a manipulation they shouldn't be doing, especially for a paid product.

 

This is pathetic...But why aren't you using an adblocking program in the first place? I can't even remember the last time I've seen Search ads.

 

Yeah lol, they can replace adds as much as they want. They can even target me with adds but I don't even get to see them thanks to ABP

 

On my test laptop there is no adblocking product installed. Mostly because I want to try and inject malware and exploits into it during testing. So the reason I caught this was I was testing some aspects of BD tonight for a client on that particular test machine.

I agree, it's pathetic. Regardless if you block ads or not, understand Bit Defender is hijacking your advertisements AND searches, and replacing them with their own injections. Leave it to me to discover this, and from what I can find - nobody else in the world has posted about this before. This is seriously a new low from a company, and it would absolutely disqualify Bit Defender from consideration in view of this.

Other AV vendors should be taking note - Bit Defender is hijacking your links on major search engines. How do you feel about that?

 

That first image with "Ads related to..." looks like some Google inserted ads I've seen mentioned. Which have been known to include, in some cases, competitor ads:

https://www.en.adwords-community.co...t-the-top-of-competitor-s/td-p/99010?nobounce
https://www.en.adwords-community.co...ds-related-to-YYYYY-quot/td-p/135756?nobounce

Now I know nothing to speak of about BitDefender, and for all I know this might be a behavior that it is know for. However, if I saw that I'd examine the client<->server traffic and firmly establish where the ads I'm seeing in the browser are coming from. Before concluding they were locally injected by some software I was running. Did you do so?

 

Let me make this clear.

Bit Defenders HTTP scanner, and Site Advisor, replaces advertisements in search engines - with redirections to it's own product. When Bit Defenders web aspects are disabled, this does not happen. When they are re-enabled, one is 'fed' specific advertisements leading to Bit Defender, or exhorting the benefits of Bit Defender, and why everyone should buy it. Of course I examined traffic, and determined Bit Defender is 'serving' advertisements that benefit itself - replacing other, legitimate advertisements. Also I tested (briefly) how Bit Defender reacts - basically it looks at *ANY* search for *ANY* product that may be a 'competitor', and then redirects/replaces/hijacks/injects it's own advertisements into the stream.

It's pretty cut and dry. Bit Defender is using their HTTP engine to subvert what paying customers see for advertisements. I'm really curious to hear how other AV companies feel about this blatant hijacking. I'm also curious to hear how people that run Bit Defender feel about this blatant intrusion into customer browsing, and specifically - hijacking/redirection. I'd also love to hear how Bit Defender plans to squirrel out of this one.

 

Strange, my search results differ from yours. BTW I am no BD apologist or fanboy.

 

@ Bob: What happens when you use Chrome?

 

Im not seeing it either, Hmmm.. IE9

 

They're not actually replacing ads. The way it works is that they bid on keywords, in this case probably "antivirus", but possibly "Avira" as well. It's why you can put in "Buy ford truck" and get Chevy ads. Yeah, it looks bad in your example, but this is a coincidence, I promise.

Oh, and by the way? I hate BD, I'm not one to defend them.

 

Here is what I see with Chrome.

 

Here is a better example.

 

I'm still getting the Bit Defender Hijack, regardless of browser.

Now the difference may be - I am running a 30-Day full trial key. I had assumed the 30-Day key was the same as the paid key, but it looks like ad hijacking is part of the package for the trial activated key? I've now tried this on two seperate PC's, and the results are the same. Bit Defender (30-day trial key) is hijacking all of my searches. Also, I was running Opera without the BD plugin, I noticed you guys are running the BD plugin.

So to clarify - to help pin this;

1) Running 30-Day full trial key - Bit Defender IS 2014
2) Running Under Opera w/no Adblocker at all.
3) BD browser plugins not activated.

My guess is - it's the trial key that hijacks advertisements, and this functionality is removed once the product is paid for. Brilliant, albeit a bit underhanded, and they just lost a 50 seat enterprise license pack I was due to order for a client because of this. Avira got the sale.

 

I am also running a 30 day trial key...

 

Turn off Encrypted Google.

Try again.

 

Similar results as before.

 

Before purchasing my 2 year key i too had the trial version i did not see what your seeing.

 

Well I duplicated it a half dozen times, over two machines now. Not sure what else I can do..

Toggle Site Advisor on = Bit Defender intercepts/replaces ads. Turn Side Advisor off, it doesn't. Really unsure of what I can do at this point, or if I even want to waste time on it since it already disqualified BD for a client. Screenshots show it was taking place directly related to Site Advisor status.

 

Ya strange..Post this over at the BD forum,maybe they would like to know.


http://forum.bitdefender.com/index.php?act=idx

 

May be is country dependent? Possibly you are on different countries. Just a wild guess

 

You could, if you wanted to, post more detailed "how to verify this for yourself" instructions. Including download source, hash, and other info about the version you are using.

Simply seeing an ad for BitDefender is not proof it was BitDefender that injected it, so such instructions would explain how you verify that it is actually BitDefender that is replacing and/or injecting ads. That the ads are only seen when a BitDefender feature is enabled suggests that the feature is in some way responsible, but you'd want to drill a bit deeper and prove the hypothesis by observing the underlying mechanism(s) in action. Do you see HTTP responses being modified, is it achieved through DOM manipulations, etc. IOW, a more detailed description of "and then redirects/replaces/hijacks/injects it's own advertisements into the stream" could help.

In this crazy world of advanced tracking/profiling/ad-targeting we must consider the possibility that some behaviors will be very specific to us and what we've done. For example, it seems theoretically possible that if Google saw someone search for product X and/or in some other way determined that they downloaded/used a *trial* then Google might serve product X ads to that person. In at least some cases, part of the testing process would involve steps to eliminate such possibilities (logging out of accounts, deleting cookies, changing IP Address, verifying that a product isn't making its presence known to a remote server by adding a header or routing traffic through its VPN/proxy, disabling browser and/or AV features which phone home info about downloads/URLs/file-hashes, so forth).

Note: Not picking at you DoctorPC, just trying to "ask questions that should be asked" so to speak.

 

I bought the $9.95 2 yr. Bit Defender got it downloaded but could not register it, then could not provide a password that they would accept. A number of emails to Bit Defender about the problem then finely got it. Next I found it to be a free copy of 2013 instead of the 2014 that I purchased. Then reading all the negative problems this company has. I deleted this crap. Live and learn.

 

No problems here with BD did you try posting over at the BD forum?

where did you buy your license from?

 

As I am trying Bitdefender Total Security, this is forgivable because you simply disable "Search Advisor"...which I would disable anyway.

 

Agreed. It's still pretty sleazy.

Anyway, I am tired of these AV packages with so much useless bloat. Because how useful is a site advisor, poorly done privacy cleaner, system vulnerability scanner? All of that is really useless fluff.

Webroot itself seems to be getting slower, more sluggish with each new revision. I have gone back to the old fashioned, light, effective, and basic Avira. I hope Avira doesn't succumb to bloating their product like every other vendor. Bit Defender is laden with bloat, and replacing ads is just another strike against it. But the client elected a 50 seat of something else anyway, this was just icing on the cake.