What Is Adware – From Nuisance to Threat
Certainly, everyone encountered those irritating pop-up ads which appear onscreen almost out of nowhere, when browsing a website or using an app. But adverts being annoying is just the surface level, some adware are highly manipulative and can act as a disguise for malicious programs. However, there are ways to recognize adware infections and mitigate future ones, but more on that later.
Adware, also known as advertisement-supported software, basically serves the purpose of making revenue for its developers by automatically generating adverts on your screen. These ads can be usually found within a web browser, either on your computer or your mobile device. Further, adware is any software application in which an advertising banner or other advertising material displays or downloads while a program is running.
Legitimate adware is not unheard of, and it is basically meant to help software developers recover development costs or it can also be used to reduce or eliminate the cost of software for users. But more often than not the ads contain cybersecurity threats or act as lures meant to lead users to a malicious webpage.
Adware uses the browser to collect your web browsing history in order to ’target’ advertisements that seem tailored to your interests. It works by installing itself quietly onto your device, with the sole purpose of getting you to click, accidentally or not, because at the end of the day adware exists to make money.
Money can be made from adware by applying any of the following methods:
- Pay-per-click (PPC) — developers get paid each time the user simply opens an ad.
- Pay-per-view (PPV) — every time the user is shown an ad, revenue is made.
- Pay-per-install (PPI) — getting paid each time bundled software is installed on a device.
However, there may be a vulnerability in your software or operating system that could become a cybersecurity threat once hackers exploit it to insert malware.
How Does it Get on Your Device?
Adware’s main victims are individuals rather than businesses, which is basically why the intrusive ads seem to be specific and often lure users with special deals or `secrets` meant to improve the quality of life.
Adware can enter your system or device either if you downloaded a program containing advertisement-supported software (such as freeware or shareware), or by visiting a website infected with adware which take advantage of a vulnerability in your web browser to deliver a drive-by download. The result is that the adware will begin collecting information, redirecting you to malicious websites, all the while throwing more advertisements your way.
How to Detect the Adware Infestation?
Whether it`s your mobile or desktop, malicious adware infestation manifests in various ways, such as:
- advertisements appear in unusual places.
- new toolbars, plugins or extensions appear in a web browser.
- new, unwanted applications appear on the home screen.
- web searches redirect to advertising websites or sites other than expected (browser hijacking).
- ads inside of pop-up windows appear and cannot be easily closed.
- the device and the browser run slowly, often crashing.
When it comes to your mobile device being infested, other than the signs listed above, you should look for spikes in data usage, usually followed by higher-than-expected data usage bills, as well as the battery draining faster than usual.
You can manually remove adware from a device by identifying the name of the adware program and using the device’s application maintenance utility to remove the program. This implies that you know the name of the adware, which can often prove difficult to identify. Also, if the adware has a resuscitator, it can reinstall itself automatically even after it has been uninstalled. You can check out this guide on how to manually remove adware.
We are dealing with adware that is considered malicious only if its purpose is that of delivering such a software to the user. In a tactic also known as malvertising, cyber criminals inject malicious ads into legitimate websites with the purpose of spreading malware and gaining as many victims as they can.
Let`s take a closer look at two examples of attacks that may occur following an encounter with malicious adware:
Spyware is a network security threat that installs itself on devices and collects sensitive information about the users that are active on them. Another type of spyware that might sound familiar to you would have to be trojans, a type of malware that acts as a legitimate file or program to trick unsuspecting users into installing it on their machine. When acting as spyware, user data collected through adware will often result in cybercriminals further proceeding to steal personal information and commit fraud.
Man-in-the-middle (MitM) attacks
Adware can also be used to execute MitM attacks. These attacks redirect user traffic through the adware vendor’s system, even over secure or encrypted connections. This enables the threat actor to collect sensitive information from communicating parties.
How to Protect Yourself from Adware
Prevention is the best defense against adware:
- Exercise caution when downloading any software, do research and read reviews of apps before installing them.
- Avoid pirated software or media, as they generally present a greater risk of ending up with of malware.
- Avoid clicking on ads if they are not being displayed on a trusted site.
- Be careful when downloading free software, read end-user software license agreements to find out if the app developers conduct information gathering through their program.
- And maybe the most important step for you would be finding a cybersecurity solution that best fits your needs, because threats come in many shapes and sizes and caution alone is not always enough.
How Can Heimdal® Help?
Heimdal® Threat Prevention offers you a proactive approach to Internet security, that is meant to reinforce the cautious attitude that will keep your systems safe. As this article points out, proactive security outweighs reactive security and has long term benefits.
Heimdal® Threat Prevention works with all antivirus software and, while antivirus products provide threat detection and mitigation based on code, Heimdal® Threat Prevention is based on traffic filtering.
Heimdal® Threat Prevention - Endpoint
- Machine learning powered scans for all incoming online traffic;
- Stops data breaches before sensitive info can be exposed to the outside;
- Advanced DNS, HTTP and HTTPS filtering for all your endpoints;
- Protection against data leakage, APTs, ransomware and exploits;
Adware does not always mean bad news. Some developers are using the revenue resulted from you seeing, clicking or visiting ads, to cover some of the development expenses. Those kinds of ads are more of a nuisance rather than a threat, but at the end of the day they are harmless. However, like many other seemingly innocent software out there, adware can rapidly turn into something malicious, created and exploited by cybercriminals to get their hands on victim`s personal information.