| This may be ancient history, but I believe this understates Crossrider's active role in the adware/malware that was being widely installed. Per this research from Google and other academics [1][2], Crossrider was one of the largest "affiliates" of Superfish and other ad-injector malware. To my understanding, Crossrider was essentially a distributor: they delivered installs, recruited advertisers, and brokered deals with software publishers, knowing that they would be adding malware/adware to the downloaded bundles that would persist on users' machines. And knowing that some users (most or all, really) didn't realize what was happening. Rather than being a mere bystander, if the researchers are correct and per the HN thread below [3], Crossrider was an active--and essential--participant in the "Download Valley" ecosystem. It may or may not be relevant to today's Kape, but we should at least be honest about what these guys were doing in the past. It was ugly. They weren't the only ones, but they were clearly not on the side of the angels. (Worse, YC funded one of their competitors called InstallMonetizer.) [1] https://pdfs.semanticscholar.org/8914/94e6d2a9e96985ccca1c44... [2] https://www.ieee-security.org/TC/SP2015/papers-archived/6949... [3] https://news.ycombinator.com/item?id=9120593 (edit: spacing) |
Yep, "consider the source." It's weird how people will strongly imply that reputation doesn't (or shouldn't) be a factor when the internet is involved, that even criminals should be able to fail upward.