SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Adware, fake apps and banking trojans targeting Android devices
Fri, 18th Jun 2021
FYI, this story is more than a year old

Adware continues to be the most significant threat on Android phones and tablets according to new research from digital security firm Avast.

According to the research, 45% of mobile threats in the first five months of 2021 were adware. Fake apps came in second at 16%, and banking Trojans third at 10%. Other types of malware include downloaders, spyware, and lockers/mobile ransomware.

Adware displays intrusive ads and lures users into downloading the adware by posing as legitimate apps.

A recent example of adware spreading widely is the HiddenAds family, last reported by Avast in October.

Avast has seen two major types of adware: the 'traditional' type, which are gaming, photo and other lifestyle applications that look appealing, to lure users into downloading them, and then they are spammed with ads in and outside of the app. The other common type is called ad fraud. This adware starts malicious activities in the background once downloaded and shows out-of-context ads, ads in notifications or uses other aggressive advertising techniques.

Sometimes, adware also serves ads with malicious content, which is why protection against adware is so important. In case of ad fraud, an encrypted file may be downloaded automatically along with the app, which then triggers clicks on ads without the users knowing or subscribes them to premium services.

The second most widely spread mobile threat, fake apps, are apps that pose as something they are not, sometimes as legitimate apps, such as a trustworthy COVID-19 tracing app, or for example, an AdBlocker, which is an example Avast mobile threat researchers have been observing in the first months of 2021. Fake apps can contain functionality to spy on the user, to expose them to ads or other malicious activity.

Banking Trojans or "Bankers" operate in a stealth manner in order to gain the trust of users downloading the app and to steal their banking data. Banking Trojans disguise themselves as genuine apps to access the banking details of unsuspecting users and trick them into giving up their bank account details by posing as a legitimate banking application and mimicking the login screen or supplying a generic login screen with the respective bank's logo.

"Nowadays, especially since the pandemic hit, our smartphones and devices are our daily companions, and it can be a true annoyance or even severe security risk if a phone and the data on it is exposed to mobile malware," says Ondrej David, mobile threat analyst at Avast.

"Mobile malware, and adware in particular, often comes in the form of a gaming or entertainment app that seems harmless, but what users are unaware of is that their device is doing malicious activities in the background."