May 21, 2015 By Jaikumar Vijayan 3 min read

Adware programs designed to render advertisements on end user systems have gone from being merely an annoyance to a major security threat for enterprises.

New research from security firm G Data Software showed that during the second half of 2014, ad injection software, or potentially unwanted programs (PUPs), accounted for more than 31 percent of all new malware signatures detected by antivirus software. The number of new strains detected by G Data quintupled from the first half of 2014, putting adware in second place behind Trojans in the most prevalent malware category.

Adware Surge

PUPs overtook malicious downloaders for the first time, accounting for eight of the top 10 attacks that G Data’s software averted during the second half of 2014. Unwanted advertising software represented 65 percent of the attacks in G Data’s list for the time period.

The surge in adware came amid a sharp rise in the overall number of new malware strains. Between the first half of the year and the second, the number of new malware strains detected increased by a dramatic 125 percent, from 1.8 million to just over 4 million, according to the study.

In total, G Data counted close to 6 million new malware signatures in 2014, a 77 percent increase over 2013. Statistically, a new malware signature was detected every 3.75 seconds between June and December last year.

“One trend that is set to continue and even gather speed is the bundling of legitimate software with [PUPs] from third-party providers,” the security firm warned in its report.

The sharp rise in adware contrasted with a slowdown in attacks involving the use of banking Trojans. The sophisticated security measures that are being implemented by financial institutions have apparently made it harder for threat actors to use malware strains against them.

A Familiar Concern

G Data’s findings on the adware threat echo concerns that have been aired by other technology firms in recent months. Google, for instance, released a report in May voicing its concerns over the growing security threat posed by these products. The company conducted a study in collaboration with researchers at the University of California, Santa Barbara and the University of California, Berkeley on the prevalence of adware programs on the Internet. It found that almost 5.5 percent of IP addresses connecting to its websites from around the world were infected with ad injectors that served up unwanted ads and programs that were downright malicious.

During the study, Google uncovered over 50,000 browser extensions and 30,000 programs that were being used to take control of user browsers to inject advertisements. More than 30 percent of these programs were designed to steal account credentials, hijack search queries, drop other malware tools and monitor and report on a user’s browsing behavior, Google noted.

Distributing ‘Malvertising’

Ad injection software is typically bundled along with free products such as games and screen savers that people often download onto their systems. Online advertising networks also play a big role in distributing these programs, often without their knowledge.

Earlier this year, a cybercriminal posing as a legitimate advertiser managed to post a malicious ad with Merchanta, an online ad exchange platform with direct links to many top websites, Malwarebytes reported on its blog. The malicious advertisement was fed into Google’s DoubleClick channels, where it was quickly distributed to hundreds of thousands of Internet users around the world.

The growing number of malicious advertising tools and the ease with which they can be distributed have made adware one of the biggest threats to enterprises in 2015. In the first quarter of 2015, attackers took to malvertisements with renewed vigor, noted Trend Micro.

Many have begun using malicious advertisements to target dangerous zero-day vulnerabilities, the security firm said. Although adware and malvertisements may not be new, the ways in which they are being disguised and distributed are. Keeping pace with these malicious ads and striving to stay ahead of the curve when it comes to security will only become more important, especially among users who value data protection and secure browsing.

More from

How will the Merck settlement affect the insurance industry?

3 min read - A major shift in how cyber insurance works started with an attack on the pharmaceutical giant Merck. Or did it start somewhere else?In June 2017, the NotPetya incident hit some 40,000 Merck computers, destroying data and forcing a months-long recovery process. The attack affected thousands of multinational companies, including Mondelēz and Maersk. In total, the malware caused roughly $10 billion in damage.NotPetya malware exploited two Windows vulnerabilities: EternalBlue, a digital skeleton key leaked from the NSA, and Mimikatz, an exploit…

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

ICS CERT predictions for 2024: What you need to know

4 min read - As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure.Kaspersky just released their ICS CERT Predictions for this year, outlining the key cybersecurity challenges industrial enterprises will face in the year ahead. The forecasts emphasize the persistent nature of ransomware threats, the increasing prevalence of cosmopolitical hacktivism, insights…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today