Adware continues to remain the most significant threat on Android phones and tablets in 2021, according to a report by cybersecurity firm Avast.

According to the report, 45 per cent of mobile threats discovered in the first five months of the year were adware.

“Adware displays intrusive ads and lures users into downloading the adware by posing as legitimate apps,” Avast explained.

The HiddenAds family of adware is one of the most rapidly spreading adware, last reported by Avast in October.

The cybersecurity firm has witnessed two major types of adware: the ‘traditional’ type, where users are lured through applications in the gaming, photo and other lifestyle categories. Once downloaded, these apps span users with ads in and outside of the app.

The other common type is called ad fraud.

“This adware starts malicious activities in the background once downloaded and shows out-of-context ads, ads in notifications or uses other aggressive advertising techniques,” explained Avast.

Sometimes, adware also serves ads with malicious content.

“In case of ad fraud, an encrypted file may be downloaded automatically along with the app, which then triggers clicks on ads without the users knowing or subscribes them to premium services,” it further explained.

Fake apps and banking Trojans

Fake apps are the second most significant mobile threat at 16 per cent, followed by banking Trojans at 10 per cent. Other types of malware include downloaders, spyware, and lockers/mobile ransomware.

Fake apps are apps that pose as legitimate apps, such as a Covid-19 tracing app, or for example, an AdBlocker, which is an example Avast mobile threat researchers have been observing in the first months of 2021.

“Fake apps can contain functionality to spy on the user, to expose them to ads or other malicious activity,” the report said.

Banking Trojans or “Bankers” operate in a stealth manner in order to gain the trust of users downloading the app and to steal their banking data. Banking Trojans disguise themselves as genuine apps to access the banking details of unsuspecting users and trick them into giving up their bank account details by posing as a legitimate banking application and mimicking the login screen or supplying a generic login screen with the respective bank’s logo, it explained.

“Nowadays, especially since the pandemic hit, our smartphones and devices are our daily companions, and it can be a true annoyance or even severe security risk if a phone and the data on it is exposed to mobile malware,” said Ondrej David, Mobile Threat Analyst at Avast.

“Mobile malware, and adware in particular, often comes in the form of a gaming or entertainment app that seems harmless, but what users are unaware of is that their device is doing malicious activities in the background,” added David.