Over the past 12 months incidents of mobile adware nearly tripled as businesses had to implement emergency working from home measures. It found that while mobile threats have dipped slightly over the past year, criminals have focused on the quality of mobile attacks versus mass infections.
2020’s leading mobile threat type was adware, accounting for 57% of attacks. Fortunately, for users, adware is more of a nuisance to the user experience by placing adverts across the user’s screen, as opposed to ransomware, which is able to steal credentials and company data. Risk tools came second, with 21% of attacks, while trojan droppers and mobile trojans each represented 4.5% of attacks and SMS-based trojans saw the least amount of usage, bringing in 4% of actual mobile criminal activity. Risk tools are potentially dangerous or unwanted programmes that are not inherently malicious, but are used to hide files or terminate applications and could be used with malicious intent. Interestingly, though, adware was the only attack that saw a rise in the amount of usage in 2020.
Businesses should not take mobile cyber attacks lightly. Some employees use mobile devices to carry out work duties, and so have access to business hard drives, cloud operations and information that would be of interest to cyber criminals. The Ewind adware is thought to have been the originator of nearly 2 million Ewind.kp Android installer packages issued within legitimate applications, such as icons and resource files. These seemingly safe downloads are readily available at trustworthy third-party Android application sites. This isn’t the case for Apple users, as the platform’s closed hardware and software ecosystem poses unique challenges for criminals.
Even though they weren’t the top attack of choice for cyber criminals, there were over 150,000 installation packages found for mobile banking trojans in 2020. This suggests criminals were placing a larger emphasis on targeting user’s banking information, as more had to switch to online/mobile banking, due to the COVID-19 pandemic restricting in-person banking options. Researchers are concerned at whether there is a link between the large rise in adware and malware. Adware helps in obstructing the removal of malware from a mobile device, as well as allowing access privileges on a device, placing adware in the system area and make the user unable to remove them without outside help.
For mobile device users, they are encouraged to check their devices for any errant applications or programmes. If they are experiencing adware, then it might be an appropriate time to restore their device. This could help aid them in removing the adware, which may have been delivered in the downloading of an application.