Mention Cybercrime to most people and they start to worry about having their data stolen, being asked to pay a ransom to have their systems unfrozen or discovering they’ve been hacked and their credit card is spending lots of money in some obscure part of South America. Compared to these threats – all of which are undeniably genuine – the idea of falling victim to Adware may seem to register as more of an inconvenience than an out and out disaster. This is an unwise way of looking at the issue of Adware, however since the initial impact of falling victim to this form of malware, annoying as it undoubtedly is, it’s often just the precursor to much more problematic repercussions.
The casual approach which many people – individuals and businesses alike – take toward Adware is perhaps one explanation for the fact that this particular type of Cyber criminality was described by Malwarebytes in their 2020 State of Malware Report as being the factor which had:
‘…reigned supreme for consumers and businesses on Windows, Mac, and Android devices, pulling ever more aggressive techniques for serving up advertisements, hijacking browsers, redirecting web traffic, and proving stubbornly difficult to uninstall.’
Diving deeper into the statistics gathered in the report makes it clear that adware, which has been present in one form or another since as long ago as 1995, is posing as much of a problem as it ever has, if not more. It was found to have become more aggressive in 2020 than it had been the year before, and equally likely to target consumer and business endpoints on Windows, Mac and Android devices. Indeed, there were 24 million Windows adware detections and 30 million Mac detections, with the top three in the consumer threat detections rundown and the number one business detection being occupied by Adware.
At the same time, figures gathered by Avast Threat Labs highlighted the degree to which Adware is now targeted to mobile devices, and makes up the vast majority of the malware targeted at Android mobile systems. The occurrence of such Adware rose by 38% during 2019 and, between October and December of that year, accounted for 72% of all mobile malware.
The Impact of Adware
Perhaps the reason behind the underestimation of the threat posed by Adware can be traced to the fact that when its presence first becomes apparent on a device, it does so in ways which are more annoying than overtly sinister. Adware takes the form of unwanted software which, once installed on a device, leads to adverts being thrown up on the screen, usually within a web browser. Clicking on the ads to close them often only leads to more ads and working through a plethora of pop-ups in order to reach the page you initially thought you were loading, can be a slow and arduous process. In some cases, the Adware will actually change the home page of your browser, and it is always collecting your browser history in order to target the unwanted ads which it chooses to throw at you.
Once in place, Adware can become increasingly intrusive, causing your device to run more slowly, blocking access to specific sites, or even crashing the device altogether. In the most extreme cases, the Adware – as well as gathering information to target advertising without your permission – will act as a portal for more malicious actors, installing spyware on your device enabling hackers to gather personal details such as financial information and payment methods.
How Adware gets on a Device
There are two ways in which Adware generally makes its way onto a user’s device. The first of these is by mistake, when the Adware is included with another programme they have opted to download. This underlines one of the aspects of Adware which makes it so difficult to deal with –the fact that it inhabits a legal and moral grey area. Where a virus placed on a device by a Cyber-criminal is concerned, the illegality is clear and incontrovertible, but many legitimate software applications feature online advertising displayed in ways specified by the developer, often as a means of paying for the creation of the software itself. Adware takes this principle but exploits it to trick the user into downloading a programme which then hides itself deep within the device, and on other occasions, the Adware might actually download itself to your device simply because you happen to be visiting a website which has become infected. Both cases highlight the importance of taking care when online, both over the security of the sites visited and – even more importantly – over the status of any software downloaded, particularly if it comes free of charge.
Perhaps the clearest means of underlining just how serious the problem of Adware can be is to take a look at a few examples of famous – or rather infamous – Adware programs from the past to the present and the impact they either have had and could have in the future:
A study which took place in 2017 found that more than a quarter of a billion computers, and a fifth of the corporate networks worldwide, were infected with Fireball. The Adware was initially developed by a Chinese marketing agency called Rafotech and was bundled with software such as Mustang Browser and Deal Wifi. When installed on a device, it could take over the browser, changing the homepage to a fake search engine called Trotux and inserting ads into any web page visited. In addition to this, it blocks the user from modifying their browser. Although, to date, the effects of Fireball appear to be limited to bombarding the user with ads, the deeper concern is that the sheer number of devices on which it was detected, and the fact that it could provide a back door to attack on all of these devices, makes it a huge risk in terms of a future large scale cyber-attack.
Also very common, Appearch is generally bundled with free software and, once installed on a device, it will re-direct every attempt at browsing to Appearch.info. If the user somehow manages to open any other web page, they will find it packed with random links, meaning that any text clicked on will trigger a pop-up offering downloadable software updates. In addition to this, the Adware sometimes shows a message stating that access to a particular website is limited, and that the user can subscribe to notifications to access it. Clicking ‘Allow’ for these notifications will trigger waves of pop-up ads even when the browser is closed.
This is another common Adware programme which causes the usual problems of deceptive ads within the browser, redirects to dubious websites and a blizzard of pop-up ads. The main threat of DeskAd comes from the fact that, unlike some adware, it only takes control of the browser gradually. This means that by the time its presence becomes noticed it has already become so entrenched that only a reinstall of the operating system will suffice.
DeskAd generally arrives on a device via an email attachment and overrides the registry so that it can be launched on start-up. The fact that it replicates itself also impacts the memory of the device and may cause crashes, and the presence of DeskAd across a network of devices within an organisation could have huge repercussions.
The first step to take when avoiding Adware should really go without saying, but it’s worth repeating that your devices should have trusted anti-malware or anti-spyware software installed. While software of this kind can be relied upon to scan the devices to detect and delete Adware which is present or which appears in the future, your devices should also be installed with effective anti-virus software. Don’t make the mistake of thinking that using a Virtual Private Network (VPN) offers protection against malicious programmes and viruses – A VPN provides encryption of sensitive data, but it does nothing to protect your devices from Adware, malware or viruses.
There’s no such thing as being too well protected of course, so as well as installing the right software you should back up your files on a regular basis and update devices to ensure you’re not using older versions of programmes which may have loopholes ready to be exploited by malicious software.
As there’s never going to be such a thing as completely fool-proof anti-adware protection, you can bolster your efforts to steer clear of damaging software by taking great care over your own online behaviour:
- If you download a programme, make sure it’s from a verified and established site
- Don’t download programmes via third party distributors
- Always search for software via your search engine, rather than downloading via a link from an ad
- Use your anti-virus software to scan any programme before downloading it
- Research a programme before taking the plunge and downloading it
- Never download something from a random email
Perhaps the only piece of good news to offer with regard to Adware is that it is relatively easy to manually remove from a device such as a PC or laptop. The first step is to back up your important files which, as stated above, is something which should be happening on a regular basis anyway. Once this has been done, tools such as anti-malware and anti-spyware software should be installed or updated – if you’re device has already become heavily infected and you don’t have software of this kind installed you could download it to another device and transfer via USB.
Before running a scanner, you should check the Add/Remove list in the Windows Control panel to see whether the Adware programme has an uninstaller, as is sometimes the case. If it does then you can highlight the Adware and select Remove, after which you should reboot your device whether prompted to or not.
After removing the Adware which can be manually removed in this manner, you should run the scans installed, and this will result in a list of quarantined Adware for you to deal with. The advice is always to delete the files found, which should deal with not only the adware itself but also any residual files which could re-introduce the Adware to your device at a later date.