May 21, 2015 By Jaikumar Vijayan 3 min read

Adware programs designed to render advertisements on end user systems have gone from being merely an annoyance to a major security threat for enterprises.

New research from security firm G Data Software showed that during the second half of 2014, ad injection software, or potentially unwanted programs (PUPs), accounted for more than 31 percent of all new malware signatures detected by antivirus software. The number of new strains detected by G Data quintupled from the first half of 2014, putting adware in second place behind Trojans in the most prevalent malware category.

Adware Surge

PUPs overtook malicious downloaders for the first time, accounting for eight of the top 10 attacks that G Data’s software averted during the second half of 2014. Unwanted advertising software represented 65 percent of the attacks in G Data’s list for the time period.

The surge in adware came amid a sharp rise in the overall number of new malware strains. Between the first half of the year and the second, the number of new malware strains detected increased by a dramatic 125 percent, from 1.8 million to just over 4 million, according to the study.

In total, G Data counted close to 6 million new malware signatures in 2014, a 77 percent increase over 2013. Statistically, a new malware signature was detected every 3.75 seconds between June and December last year.

“One trend that is set to continue and even gather speed is the bundling of legitimate software with [PUPs] from third-party providers,” the security firm warned in its report.

The sharp rise in adware contrasted with a slowdown in attacks involving the use of banking Trojans. The sophisticated security measures that are being implemented by financial institutions have apparently made it harder for threat actors to use malware strains against them.

A Familiar Concern

G Data’s findings on the adware threat echo concerns that have been aired by other technology firms in recent months. Google, for instance, released a report in May voicing its concerns over the growing security threat posed by these products. The company conducted a study in collaboration with researchers at the University of California, Santa Barbara and the University of California, Berkeley on the prevalence of adware programs on the Internet. It found that almost 5.5 percent of IP addresses connecting to its websites from around the world were infected with ad injectors that served up unwanted ads and programs that were downright malicious.

During the study, Google uncovered over 50,000 browser extensions and 30,000 programs that were being used to take control of user browsers to inject advertisements. More than 30 percent of these programs were designed to steal account credentials, hijack search queries, drop other malware tools and monitor and report on a user’s browsing behavior, Google noted.

Distributing ‘Malvertising’

Ad injection software is typically bundled along with free products such as games and screen savers that people often download onto their systems. Online advertising networks also play a big role in distributing these programs, often without their knowledge.

Earlier this year, a cybercriminal posing as a legitimate advertiser managed to post a malicious ad with Merchanta, an online ad exchange platform with direct links to many top websites, Malwarebytes reported on its blog. The malicious advertisement was fed into Google’s DoubleClick channels, where it was quickly distributed to hundreds of thousands of Internet users around the world.

The growing number of malicious advertising tools and the ease with which they can be distributed have made adware one of the biggest threats to enterprises in 2015. In the first quarter of 2015, attackers took to malvertisements with renewed vigor, noted Trend Micro.

Many have begun using malicious advertisements to target dangerous zero-day vulnerabilities, the security firm said. Although adware and malvertisements may not be new, the ways in which they are being disguised and distributed are. Keeping pace with these malicious ads and striving to stay ahead of the curve when it comes to security will only become more important, especially among users who value data protection and secure browsing.

More from

How to craft a comprehensive data cleanliness policy

3 min read - Practicing good data hygiene is critical for today’s businesses. With everything from operational efficiency to cybersecurity readiness relying on the integrity of stored data, having confidence in your organization’s data cleanliness policy is essential.But what does this involve, and how can you ensure your data cleanliness policy checks the right boxes? Luckily, there are practical steps you can follow to ensure data accuracy while mitigating the security and compliance risks that come with poor data hygiene.Understanding the 6 dimensions of…

2024 roundup: Top data breach stories and industry trends

3 min read - With 2025 on the horizon, it’s important to reflect on the developments and various setbacks that happened in cybersecurity this past year. While there have been many improvements in security technologies and growing awareness of emerging cybersecurity threats, 2024 was also a hard reminder that the ongoing fight against cyber criminals is far from over.We've summarized this past year's top five data breach stories and industry trends, with key takeaways from each that organizations should note going into the following…

Black Friday chaos: The return of Gozi malware

4 min read - On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in Gozi malware activity, targeting financial institutions across North America. The Black Friday connection Black Friday creates an ideal environment for cyber criminals to thrive. The combination of skyrocketing transaction volumes, a surge in online activity…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today