I received a worried call from a client last week. They were getting spyware pop-up and balloon warnings, and were concerned they had a virus of some kind, Based on the behavior they described, it sounded like a case of Antivirus 2009 or one of the similar crapware download Trojan programs.
When I started working on the computer, I saw that the alerts and pop-ups were from a "security" program called CyberDefender. I quickly Googled the name, and actually came across a bunch of favorable reviews from the likes of USA Today, PCWorld, and TuCows.
I also came across a couple of negative reviews.
http://dailycupoftech.com/2006/12/01/dcot-exclusive-cyberdefender-interview/ Daily Cup of Tech blog
A couple of weeks ago, I wrote a quick post about a new security program called CyberDefenderFREE 2.0. Little did I know that there was going to be some controversy about this product (see the comments). It seems that there was some concern from the vigilant DCoT readers that this software may have been built by a company previously known for, of all things, spyware. Another reader pointed to a German website (English translation) that indicated that the software was slow and ineffective.
http://www.securitycadets.com/2007/05/cyberdefender-and-its-adverts/ Security Cadets Blog
Not long ago we reported that a program named CyberDefender came with adverts in it’s paid version. Steven Burns from Ur I.T. Mate Group was the first to report this.
Based on my own experience with the product, I uninstalled it. I personally give it two thumbs down on the basis of its behavior alone. The client had installed the "free" version, and the pop-ups were basically marketing nags for the paid "professional" version. What I didn’t like is that they were not straight up ads, but social engineering ploys like "we’ve discovered infections that the paid one can remove" type. I don’t trust companies who think the only way to market their product is through deception, trickery or fraud. Hey, if your freekin product is so great and wonderful, it should stand on its own merits.
I don’t know why TuCows and PCWorld, whose opinions I would normally respect, went positive on these guys, I can only assume they did not actually install and use the products, actually test them, but were merely passing on the press release boilerplate of the developer. The link above at Daily Cup of Tech includes and interview style response from the software developers.
My advice – avoid this one!! Whether they are legitimate or shady, this product has too many fine proven competitors, like PCTools Spyware Doctor or AVG Internet Security, to waste your time finding out if they are good, bad, or just plain ugly.
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com