Skip to main content

The internet’s free-wheeling spirit is dying, and we have malware to thank


(in)Secure is a weekly column that dives into the rapidly escalating topic of cybersecurity.

Malware has a lot to answer for. It’s filled our browsers with nonsense advertisements, stolen our banking credentials, locked up our files, and caused the widespread crashing of countless systems. But malware is also having another unintended effect that’s just as problematic: It’s making the internet a centralized, monopolistic place to be.

Recommended Videos

That might seem hyperbolic but malware intentions are typically quite clear: Make the author money.

More (in)Secure

It’s been a long time since worms, trojans, and viruses were used to stroke the digital egos of the world’s greatest hackers, no matter what hat they wore. But the best practices to protect ourselves from malware can send us down well-trodden paths, leading to increasingly limited software solutions for everyone.

Don’t trust the outliers

As much as we all rely on the big players like Google, Microsoft, and Apple, one of the joys of the internet is the diversity of options. But when speaking to digital security professionals, the advice they almost always give is to stick to official app stores, popular search engines, and tried-and-tested browsers. It keeps you safe by virtue of there being plenty of oversight and budget to protect those platforms and services.

“We recommend using official platforms,” Jerome Segura, Malwarebytes’ head of investigations, told Digital Trends. “The non-official areas […] are very dangerous unless you know what you’re doing. It’s similar with app stores. There are a number of portals out there that offer sideloading for Android in particular. And people that want to get apps for free may want to download from those services. They bypass the security mechanisms that are in place to install from nontrusted sources and will typically end up with trojanized apps.”

This is legitimate, good advice. From a security standpoint, we all know it’s a bad idea to download torrents, or open links or attachments in unsolicited emails. When you acquire something from a source that isn’t vetted and proven to be secure, you run the risk of being infected with malware. But increasingly, even choosing software that’s just a bit off the beaten path, is considered a security risk.

Earlier this year, Microsoft’s Bing search engine served up sponsored links to sites infested with malware.

“Traditionally, we would advise people to stay away from the smaller players because they may not have the resources to assure that there are proper security measures,” Segura continued, highlighting the problem now faced by those looking to stay safe online and still enjoy the convenience and speed of the modern web’s access to information and media.

As we’ve seen from security scares in recent months, even those trusted sources aren’t perfect. When it comes to knowing who to really trust with your data and security, there isn’t much choice out there. Even some of the platforms and services offered by some of the biggest companies in the world aren’t necessarily safe, simply because they don’t receive quite as much attention as their contemporaries.

Vulnerability on the edge

In the case of spaces as limited as web browsers or search engines, options for the security-minded are tighter than ever. Being a “major player” isn’t enough here.

Microsoft’s Edge browser was its most recent attempt to take on the likes of Chrome and Firefox, and its search engine, Bing, has been hoping to claw back some of Google’s market share for years. Despite the backing of such a major company, both platforms have been part of some serious security gaffs in recent months. That’s at least partially thanks to malware.

Bing Pushing Malware when Google Chrome is Searched

Earlier this year, Microsoft’s Bing search engine served up sponsored links to malware infested sites when users ran the Edge browser to try and download Chrome.

“Protecting customers from malicious content is a top priority, and we have removed the ads from Bing and banned the associated account,” a Microsoft spokesperson told Digital Trends. “We encourage users to continue to report this type of content so we can take appropriate action.”

As that same spokesperson made clear to us, the malware made it past technologies in Edge that are meant “to ensure you are protected while surfing the web, and are talking to the website you think you are talking to.” Bing also supports “a variety of automated malware-scanning technologies within its indexing and crawling pipeline,” we were told.

“Browser vendors have known about these issues for years … “

To Malwarebyte’s Segura, though, the fact that malware was still served up to Bing users isn’t surprising. Although there are a plethora of security technologies in place in the Edge browser and in the Bing search engine, this is a problem inherent in the current model of profit-driven search advertising.

“Browser vendors have known about these issues for years, but there always seems to be ways for malicious advertisers to kind of game the system and still come up on top,” he said. “The problem is that unless search engines really say they are not going to use any ads, then the problem is always going to be there to some degree.”

But it’s not just search engines that face difficulties with malware slipping through the cracks of large organizations. Even Apple’s famously insular and closed-off Mac App Store has been used by malware authors to spread their dangerous software. As recently as September 2018, a paid-for application that claimed to be able to protect your Mac from spyware actively collected browser information and sent it to a server in China.

Adware Doctor
Adware Doctor in the Mac App Store was stealing users’ sensitive information and sending it to a server in China for at least a month before Apple pulled it off the app store. Image used with permission by copyright holder

With far fewer people using it than the populous iOS App Store, it receives far less attention from Apple and is more vulnerable to malware attacks. Despite that concern, the Apple name resides on it just as it does the iOS App Store, suggesting to Mac owners that it receives the same scrutiny and therefore making it more vulnerable to attack.

Being a “major player” in one space doesn’t necessarily translate to others. And unfortunately, that’s where malware tends to sneak in and force even near-trillion-dollar companies to succumb. Microsoft’s Edge, again, is the best example of this.

Limited and flawed options

As of the end of 2018, more than 60 percent of all web users now use the Chrome browser. That’s a good thing when we’re talking about security. No longer are we faced with a world dominated by Internet Explorer and its Swiss cheese security, or Flash Player’s similarly porous defenses. But it’s not a great thing when it comes to providing options and alternatives.

Stick to software that’s well-known, has been well-vetted, and is well-funded enough to protect itself and its users.

This was exemplified by Microsoft’s recent announcement that Edge, its flagship Windows 10 browser, was to be replaced by something else built on the Chromium engine that’s used in Google’s Chrome browser. It was something a company like Firefox immediately saw as a bad decision for the future of the internet.

“Microsoft is officially giving up on an independent shared platform for the internet,” Firefox said in a recent address. “By adopting Chromium, Microsoft hands over control of even more of online life to Google, [which is] so close to almost complete control of the infrastructure of our online lives.”

Firefox is one of the few alternative browsers left in the fight. Despite it being possibly more secure and certainly more private than Chrome, it only commands a few percent of the web’s user base. It’s not hard to see why its developers see the rapidly contracting market as deeply troubling.

Firefox
Firefox Quantum Image used with permission by copyright holder

If security isn’t the only reason that Chrome dominates the browser landscape, it is a major part of it. Microsoft has never truly recovered from the ballooning public sentiment that its browsers with an “E” logo just weren’t secure or bug-free enough to consider using as anything other than a download tool for a better browser.

Combine our tendencies with an (often deliberately encouraged) limited landscape of viable software options, and it’s easy to see that there is a real snowball effect of the most common platforms only increasing their hold on our service choices. In turn, due to their popularity, those services become even greater targets for malware authors.

The exceptions to the rule

We, and our sources for this article, stick to the stance that to be as safe as you can be online, you should stick to software that’s well-known, well-vetted, and well-funded enough to protect itself and its users.

However, there’s a caveat. Some products are being developed to offer an alternative to the typical options, and they are built with security in mind from the ground up. They have the potential to become big players in various software markets. Their desire to move away from some of the profit models that make traditional software and services so susceptible to attack could make for more secure choices for consumers in the future.

For example, the Vivaldi browser hopes to bring back some of the most popular technological features of classic Opera web browsing. The Brave Browser is built on Chrome’s Blink engine, but is created with privacy and security in mind, automatically blocking web trackers and advertisements. It’s also exploring a pay-to-browse scheme that would see users rewarded with cryptocurrency for time spent looking at advertisements while browsing.

In the search engine space, there are more privacy-focused options than ever. DuckDuckGo continues to grow in popularity, while alternatives like Search Encrypt, StartPage, or the blockchain-powered BitClave provide even greater breadth of choice.

The power to decide how we access the online world in all its guises still resides with us. It’s our choices that shape the future of the internet. If we want more varied options, we have to vote with our fingertips and download those apps and run those services. Malware is indeed scary and we should be wary of it enough to be smart with how we use online services, but there are better options out there than the few that we’re already familiar with. We just need to be willing to search them out.

Jon Martindale
Jon Martindale is a freelance evergreen writer and occasional section coordinator, covering how to guides, best-of lists, and…
Apple may finally fix the worst things about the MacBook Pro
Someone using a MacBook Pro M4.

Future MacBook Pro models may trade in Apple’s now signature notch design for a hole-punch camera motif.

A component road map from research firm Omdia details that Apple has plans to make changes to the display of its 14-inch and 16-inch MacBook Pro models that will be released in 2026.

Read more
What is AppleCare+ and is it worth adding to your MacBook?
A person using a MacBook with an Apple Studio Display.

If you’ve just kitted yourself out with one of the best Macs, you might be looking to protect your purchase with some kind of insurance. If that’s the case, you’ve probably heard of AppleCare+. But what exactly is AppleCare+, and should you buy it for your MacBook?

Here, you’ll find everything you need to know about AppleCare+, including what it is, how much it costs, and whether it’s worth it. Read on and you’ll be able to make an informed decision for your Mac in just a few minutes.
What is AppleCare+?

Read more
7 surprising things you didn’t know you could do with AI
robot and human hands touching fingertips

When most people think of generative AI, their thoughts immediately jump to popular AI chatbots like ChatGPT, Gemini, and Copilot — all of which do basically the same sorts of generative things, just wearing different hats.

In reality, AI is capable of so much more than simply regurgitating text, images, and computer code. A new surge of AI tools is enabling all sorts of things you may not have thought possible before. This list could be much longer, but to give you a taste of how broad AI is reaching, here are seven surprising tasks that generative AI can help you accomplish.
Build an online brand

Read more