Skip to Main Content

Avira now identifies SilverPush ad-tracking as malware

Even worse, they are doing it right in front of you – but you don’t know it.

Welcome to the world of cross-device tracking where the only thing you have to lose is your privacy as an autonomous human being.

This is no nightmare futuristic scenario, it is now. But it does not have to be for people using Avira antivirus software.  Avira, the German security company, now detects the SilverPush tracking software as Trojan malware.

Devices running Avira security software will now warn users if this software is present or about to be downloaded. If the software is already present, Avira will either remove or block it from operating. The new detection will protect the millions using Avira security software or the Avira anti-malware engine in their device.

SilverPushThe SilverPush technology enables advertisers to put an ultrasonic “sound beacon” signal into TV commercials which people can’t hear – but their devices can. This signal can be heard by apps which have SilverPush software – and they respond with a message sent back to SilverPush – identifying where the ad was seen and the precise broadcast channel. That’s just the start: The message also identifies the exact ID of the device, the Wi-Fi router MAC address, details about the device’s operating system, and best of all – the user’s phone number.

After putting the pieces together, SilverPush and its clients can have a very detailed portrait of the end consumer preferences. It’s a marketing dream – a technology that enables cross-device tracking and targeted ads – but who is taking care of the user and their need for privacy?

“What user privacy?—and this is a big, big problem for us,” says Travis Witteveen, CEO of AVIRA. “The functionality of the SilverPush software is way out of line for a legitimate advertising software development kit – given the way this software sucks up data on the individual user, the extent of this data, and the insecure transport of this data back to SilverPush – so we are now detecting this as a Trojan.”

Analysis from the Avira Virus Lab shows the detailed level of user data sucked up and broadcast by SilverPush. “They even transmit the user’s phone number – which is certainly classified as personally identifiable information … along with other data like the device’s IMEI or MAC address – details which identify the individual device,” pointed out Mr. Witteveen. “With this amount of data, SilverPush could order and deliver a pizza for viewers when they sit down to watch a Western on TV.”

SilverPush is not the only tech firm working on cross-device tracking. Others active in this area include Adobe, Drawbridge, and Flurry. But thanks to the way SilverPush sucks in and handles user data, they have been at the center of a media storm involving the US Federal Trade Commission and its review of cross-device tracking of users by marketing firms.

“The best solution is increased transparency and a robust and meaningful opt-out system. If cross-device tracking companies cannot give users these types of notice and control, they should not engage in cross-device tracking,” stated the Center for Democracy & Technology, an American advocacy group for internet privacy in a letter to the FTC.

At Avira, we agree with this position. And until these details are figured out, we will identify SilverPush for what it is. As the CDT has pointed out in the same letter, privacy is important and recent polls show that 91% of Americans feel like they have lost control over the way their personal data is being collected and used.


This post is also available in: German

Avira, a company with over 100 million customers and more than 500 employees, is a worldwide leading supplier of self-developed security solutions for professional and private use. With more than 25 years of experience, the company is a pioneer in its field.