News & AnalysisNewsletter

Mobile adware: The Silent Plague with No Origin

By Evan Dumas

We are witnessing a plague of mobile adware, one of the most common forms of cyber-threats designed to collect personal information from a user’s device. Roughly 4 billion people are connected to the internet via their smartphone, yet companies rarely prioritise mobile security. Check Point’s  Cyber Security Report 2020 shows that in 2019, 27% of companies suffered a cyber-attack because the security of a mobile device was breached.

“It only takes one compromised mobile device for cybercriminals to steal confidential information and access an organisation’s corporate network,” explains Yael Macias, Product Marketing Manager from Check Point. “More and more mobile threats are created each day, with higher levels of sophistication and larger success rates. Mobile adware, a form of malware designed to display unwanted advertisements on a user’s screen, is utilised by cybercriminals to execute sixth-generation cyber-attacks.”

The enemy is the adware’s point of origin

The main problem with adware is pinpointing how a phone became infected. Adware is developed to sneak onto a device undetected without uninstallation procedures. Removing this type of virus can be extremely difficult and the information it collects, such as a devices operating system, location, images, etc., can be a high security risk.

Adware is commonly distributed through mobile apps. According to Statista, there are 2.5 million apps available to Android and Google Play users and there are 1.8 million apps available on the Apple Store. These figures demonstrate the wide scope of this kind of attack, giving a clear indication as to why cyber-criminals focus on mobile devices.

One example of the power of the adware plague is Agent Smith, a new variant of mobile malware detected last year by Check Point’s Researchers. Agent Smith infected roughly 25 million mobile devices worldwide, without being noticed by users. To do so, it imitated a Google application and exploited known vulnerabilities in Android systems, automatically replacing installed applications with versions containing malicious code, all without the user’s knowledge. It also exploited the devices resources by displaying fraudulent ads which could generate a profit by stealing bank credentials and eavesdropping.

Tips to protect yourself from mobile adware

In this case, prevention is the best solution because it is difficult to remove adware once it is installed on a device. Here are some tips to protect yourself and your organisation from mobile adware:

  • Only download apps from official Google Play or App stores. Pay attention to the number of downloads and the reviews by the users.
  • Check whether the functions the app asks you to access are necessary. For example, if a flashlight app asks for access to your contacts, it is a red flag.
  • Avoid allowing the app to function in the background (unless it seems completely necessary)
  • Update your device and the application to the latest version, with all necessary security patches available.
  • Utilise security tools to help you protect your device as cyber-criminals can attack both Android and iOS users.

The mobile adware plague can be prevented with SandBlast Mobile, Check Point’s security solution that protects organisations against advanced mobile threats with an on-device Network Protection infrastructure. By reviewing and controlling all device network traffic, SandBlast Mobile prevents phishing attacks on all applications such as email, SMS, iMessage and instant messaging applications. It also prevents access to malicious or restricted websites and stops infected devices from accessing corporate resources and communicating with botnets. To ensure the privacy of users and their data, SandBlast Mobile validates traffic on the device itself without routing the data through a corporate gateway.

(Evan Dumas is the Regional Director, Southeast Asia at Check Point Software Technologies and the opinions expressed are his own)

Leave a Response