Is SearchLock malware, a virus, spyware, or a browser hijacker?
April 10, 2017
Is SearchLock malware, a virus, spyware, or a browser hijacker? A couple of weeks ago we started noticing several blogs and sites listed in Google’s search results that were framing SearchLock as malware.
Obviously concerned, we started an investigation. But before we dig in, let lay this one to rest:
No, SearchLock is Not Malware.
I can personally assure you that SearchLock is completely safe and in no way poses you harm.
Specifically, SearchLock is absolute, 100% NOT a virus, malware, or spyware. I am co-developer of this project, and the leader of this company and I absolutely would not put my reputation on the line by creating any sort of malware. It’s just not worth it.
The Investigation into Damaging Google Results Begins
So, where did these suspicious results come from? It seems like these results all appeared in Google within days of each other. Naturally, the first thing I did was read some of the posts.
I was in for a shock. While there are indeed some great info sites out there about legitimate threats that PC users might face, it was immediately evident that these articles were different. They were filled with scare tactics, questionable English, an astonishing lack of research, and all sorts of stinging accusations about SearchLock.
Most of these malware and virus alert blogs such as im-infected.com contain several almost identical boilerplate articles. These articles are often highly templated and are designed for maximum exposure in search engines. They all managed to rank higher than us for our brand keywords surprisingly quickly.
Lies, Misinformation, and Libel for Profit
Much of the information in these posts is 100% false. As they would have you believe, SearchLock installs itself sneakily onto your system and watches your every move, only to display annoying popup ads which cause more viruses. Oh, and apparently it is nearly impossible to remove.
It’s all laughable, really. Anyone who has actually used SearchLock would tell you so.
SearchLock does not come bundled with any freeware, heck it’s not even an EXE. It cannot “sneak” onto your computer, does not cause popups, and cannot steal your identity or cause other viruses. To install SearchLock users must click and confirm just like with all Chrome extensions.
No malware, no sneakiness, no bundling of other programs, none of the other shady things that these nasty posts accuse SearchLock of.
What.DLL? Fabricating Threats to Earn a Buck
Here’s a perfect example of the completely false, un-researched, and cookie-cutter approach that these sites use:
The accusations made by these sites and the scare tactics they use are damaging to our reputation and helping the publishers earn a few bucks in the process.
Show me the Money!
In every case, you will notice that the resolution to removing the “SearchLock malware” is to download and optionally purchase some type of antivirus software such as SpyHunter, AnviSoft, or Malwarebytes.
Their removal instructions are a total joke. You don’t need ANY of these to remove SearchLock from your browser.
These install buttons are affiliate links, where the publisher of the article receives a commission when someone downloads and/or purchases. Specifically:
- AnviSoft affiliates earn 80% of each sale. Could this be the motivation?
- SpyHunter affiliates earn 75% of each sale. Mmm hmmm.
- Malwarebytes promoters earn 30%.
- Some of these affiliates may even have agreements to receive a fee just for an install, no purchase necessary.
Libel Lawsuit Uncovered
Digging deeper into the matter, we uncovered that at least one of the owners of these blogs, Sean Doyle, has a lawsuit in his past for doing the same thing to another software developer.
Sean’s nasty review of the software in question was ultimately removed from his website.
Does it really take legal action to have this type of situation rectified? It would be easier for everyone if the affiliates in question could find a more legitimate way to promote their software offers. We can always hope…
Knock Knock, is Anyone Home?
Other than Sean, who else owns all of these blogs and sites that are badmouthing SearchLock with such inaccurate information?
We tried to uncover who the owners of the other blogs were so we could get in touch with them about removing or at least correcting these posts.
I had a little hope when I found a “contact us” page of one of the offending sites:
An email to im-infected.com was returned as undeliverable. I wish I could say I was surprised.
Other sites were rife with broken “about us” and “contact” links, non-existent contact information, adorned with fake, un-contactable Google+ profile pages, and foreign addresses. For some reason, several of the businesses that did list an address was located in and around Russia.
The Truth: Black Hat Affiliate Marketing with Search SPAM
It’s obvious to me now that these tactics are a quick way for the publishers of these articles to make a quick buck at the expense of companies like ours.
The combination of scare tactics, long, search-friendly spam articles that attract clicks, and paid affiliate promotions for malware removal is the perfect brew to scare people into action.
Luckily, Google is getting better at detecting these types of abuses and removing them from their search listings. Unfortunately for us, there is still much room for improvement.
The Final Verdict
I wonder if the companies whose software is being promoted would condone such actions by their affiliates. I doubt it. It’s shady and ultimately damages the brands these sneaky affiliates are promoting.
We will do everything we can to have these damaging articles removed and rectify our reputation. It may take a while, but we won’t give up the fight.