Adware Attacks: One of the Most Underrated and Overlooked Threats

  • A report saw approximately 24 million Windows adware detections and 30 million Mac adware detections.
  • Various adware are being popularly used by cybercriminals to exploit all aspects of COVID-19 for their nefarious purposes.

During the early 2000s, adware attacks were at their peak. It was common for online users to be bombarded with unwanted pop-ups, pop-unders, and spontaneously opening browser windows to show advertisements. At the time, only a few software claimed to remove such annoying pop-ups to offer a basic level of protection.

Today, after decades of progress, many advanced tools have been developed by security experts to tackle the adware menace. Yet, some recent reports indicate that the threat of adware is still thriving.

The state of adware
Adware is often seen as a mere nuisance for online users. However, in many campaigns, the adware is utilized for much more malicious purposes.

  • The security firm, Avast, found in its research that adware now accounts for the vast majority of Android mobile malware with 72% share. The remaining 28% malware comprised of banking trojans, lockers, fake apps, and downloaders.
  • Right now, various adware are being popularly used by cybercriminals to exploit all aspects of COVID-19 for their nefarious purposes. A recent report from Kaspersky found more than 120,000 suspicious malware and adware packages masquerading as versions of the virtual meeting programs like Zoom. The two adware families that stood out were: DealPly and DownloadSponsor.
  • Adware may not be the biggest threat in terms of losses but it has remained the number one in threat category for businesses overall. A report from Malwarebytes revealed that it has increased by 463 percent in the last year as compared to the 2018 levels.
  • The same report saw approximately 24 million Windows adware detections and 30 million Mac adware detections, surpassing the former for the first time ever.
 
Advance capabilities of adware
The aggressive display of advertising on the user’s device causes a speedy drain the battery.

  • Adware such as DealPly and DownloadSponsor are capable of carrying installers that display ads or download other adware modules. Such adware often appear on devices after being downloaded from unofficial marketplaces.
  • In some attacks, DealPly and malicious Chrome extension ManageX can come bundled within a legitimate installer and other potentially unwanted applications (PUAs).

The ongoing battle
For Android alone, there are hundreds of app submissions every day, so it is challenging for the security teams managing the PlayStore to spot every threat. It is relatively easier for hackers to disguise their apps as legitimate, or piggyback on other legitimate programs.

  • At the beginning of March, Google kicked-out 56 applications that appeared benign but were injected with adware. By then, these apps had accumulated more than a million downloads.
  • Three weeks earlier, the Edge browser announced that it will scan and block adware downloads by default through its platform, and also notify people for credential breaches.

Closing lines
Adware is a longstanding threat which is often overlooked in the light of more notorious threats. Though adware may be less harmful than some other threats, it is important for security teams to develop mitigation strategies against it to rapidly fortify their security posture.