Beware the mobile adware, Sophos warns
By Tan Jee Yee May 16, 2019
- Mobile adware can exist in apps, even ones on legitimate app stores
- Adware could do worse than drain battery, can send info to another party
ADVERTISEMENTS. Living in a world driven by capitalism means living in a world of constant ads, pushed to you in every corner of existence. Considering that more than 98% of Malaysian households browse the Internet through their smartphones, that device in your pocket is a walking billboard personalised for you.
That is in and of itself an accepted reality, if not merely tolerated. But sometimes, these ads can turn malicious.
Mobile adware is something we don’t typically mark as “dangerous”. They’re defined as unwanted software designed to display advertisements on your screen, either within a web browser or, on mobile devices, through installed applications. Typically, adware uses underhanded methods to disguise itself as legitimate, sometimes piggybacking on another programme to trick you into installing it.
The thing is, adware is currently on the rise. In 2018, mobile in-app advertising fraud (which involves adware) surged as much as 800%, Business Insider reports.
For the longest time, adware was mostly considered a nuisance. They pop up on your screen, peppering you with images of weight loss pills, quick rich schemes and warnings that your device has been infected by malware. At worst, they redirect you to other malicious software, but only if you click on them.
However, as Wong Joon Hoon (pic above), Malaysian country manager of British IT security company Sophos points out, adware has outgrown its nuisance to become something that can impact users in ways you don’t expect.
“The impact could be great. Now, adware can be used to collect personal data, browser history, banking information and so forth,” Wong says.
He highlights two types of adware that can infect smartphones. The first is viewable – essentially ads that pop up on the screen in order to grab user attention. The second is non-viewable – ads that, somewhat terrifyingly, display only at a 1x1 pixel size in order to record user behaviour and transfer information to cyber miscreants.
Several things can happen with this. For one, adware can run down battery devices and use up the owner’s data plans. Sometimes the adware is designed to analyse the location and sites you visit, then present advertising based on your preferences.
This transference of information surreptitiously poses an even bigger problem than just the loss of personal info. Wong says that with corporations increasingly cultivating a “bring your own device” (BYOD) work environment, adware could lead to the leaking of company data.
“The border between corporate and personal is getting thinner. Today, everyone is having their corporate contact list – phone numbers and emails – in their smartphones,” Wong says, adding that personal devices are also now used to access the company cloud. “Adware could impact the leaking of company data, and that is a crucial thing we need to address.
The prevalence of adware and mobile in-app advertisement fraud has another hidden cost – the cost of the advertisement might be passed back to the customer.
Wong says that adware developers are able to divert users into a website that is simulating clicks to the advertisement. See, online ads work by paying advertisement hosts through views (called impressions) and click-throughs (that is, when a person clicks on the ad). Adware makers can fraudulently simulate these click-throughs in order to gain revenue from companies running those ads.
Wong posits that if the cost of running online ads increases due to these fraudulent acts, then the cost will be passed back down to the consumer. All in all, adware makes things worse for consumers directly and indirectly.
The many places to contract it
How do people end up contracting adware? Wong offers a few reasons. Firstly, adware can be contracted merely through surfing websites, more commonly, “questionable” sites. Sometimes, adware can even be present in a smartphone through pre-loaded apps from phone manufacturers, whether through the firmware or during the supply chain.
Adware is also present in downloadable apps, of course. Generally, apps from third-party app stores and other places that are not the official app stores (Google Play or the Apple App Store) can contain adware, as they are not screened and checked for security issues.
But even apps from official app stores can contain adware. Wong says that while the respective app stores do their best to check through each app, hackers and cyber-criminals may have found ways to exploit them.
“Hackers, malicious program users are smart, and they have been gaming the system for years. They know the loopholes,” Wong notes.
This is concerning, as a particular app may have been installed by thousands of people before it is discovered as containing adware. Wong points to a report last year which found that popular apps from Cheetah Mobile and Kika Tech, two of the biggest developers on Google Play, were removed from the play market over reports about click fraud. These apps (the CM File Manager and Kika Keyboard) were already installed more than 150 million times.
Not all apps contain adware the moment you install it. Some, when unpatched, contain backdoors or loopholes that hackers can exploit to install malware.
There are steps to protect yourself, of course. Wong says that the best thing to do is to avoid downloading apps from third-party app stores or suspicious sources. He adds that social engineering is often used to spread these adware – a friend of yours may have come across a cool, free app from a third-party source and recommend it to you, not knowing that it’s malicious.
It’s also good practice to study an app’s reputation and reviews before downloading it from official app stores. Wong acknowledges that it won’t be easy to be able to spot which app has adware or if they’re fraudulent apps with the naked eye, but everyone should take their time to ensure that the app looks legitimate before downloading.
If you end up having adware in your device, you should definitely uninstall the app, which may or may not work. Resetting your device and wiping it clean could help as well.
But perhaps the best security measure is to simply ensure that you have a security app installed in your phone. It should certainly come from a legitimate source, be it Norton, Kaspersky or Sophos’ own Mobile Security app. Not only can the security app detect and remove adware, it can also notify the user about poor reputation apps as well as constantly run assessments of all apps installed, to make sure that they’re not breached.
At the very least, security apps can function as a safeguard when your vigilance lapses. “Even people who are as educated about cyber-security as security engineers need to have something that can systematically check and make sure the apps are safe. We are only human,” Wong says.
As with most things pertaining to cyber-security, it’s always a “prevention rather than cure” mentality that we need to embrace. Adware is no laughing matter, and it’s certainly best to prevent it.