How Does Adware Work?
Adware can be delivered to a computer via a variety of means. Some adware variants are trojans, which masquerade as a legitimate program or are bundled with one for download. Alternatively, malware operators could deliver adware to a system by exploiting vulnerabilities that allow them to download and execute the software.
Once installed on a system, the adware can serve advertisements to the user. This often involves generating pop-up windows containing advertising sites. Since the adware operator receives revenue from the advertiser for every view of the ads, the adware can provide revenue to the malware operator.
The Threat
At its core, adware is not so much malicious software as simply unwanted software. Some adware is even considered to be legitimate programs. However, adware of any type can pose significant security risks.
Some examples of the threats posed by adware include:
- Data Theft: Adware commonly collects information about users and their browsing habits to serve more targeted advertisements that have a higher probability of receiving clicks. This collected information can be sensitive and may be used in other types of attacks as well, such as blackmail, phishing, or fraud. For example, a phisher may masquerade as a brand that they know a user likes based on their browsing history.
- Malware Delivery: Adware is designed to redirect web browsing to pages of the attacker’s choosing. This can easily be applied to visiting phishing pages and downloading other types of malware for follow-on attacks.
- Vulnerabilities: Adware is often delivered by exploiting vulnerabilities and may contain vulnerabilities itself. These vulnerabilities may be exploited to deliver other types of malware as well.
- Man-in-the-Middle Attacks: Adware is designed to redirect users’ traffic, which involves sending traffic to attacker-controlled systems. This redirection can be used to perform a man-in-the-middle attack to eavesdrop upon or modify web content en route to its destination.
Types of Adware
In general, adware is a program that is designed to serve advertisements to a user. However, its means of delivery and operation can cause it to be classified in a few ways, including the following:
- Legitimate Adware: Not all types of adware are malware. In some cases, a user may consent to be served ads in exchange for a discount or other benefit from the software developer.
- Spyware: Collecting information about a user to serve more targeted advertisements is a key function of adware. However, if this data collection is performed without the knowledge or consent of the user, then the malware is classified as spyware.
Potentially Unwanted Programs (PUPs): Adware is occasionally delivered bundled with another program that the user has downloaded. In this case, the adware is classified as a PUP.
How to Protect Yourself from Adware
Adware is primarily a nuisance; however, it can pose a real threat to personal and corporate privacy and security.
Some best practices for protecting against adware infections include the following:
- Only Download Reputable Software: Adware is commonly delivered as a trojan or bundled with other software downloaded from questionable sources. Downloading software only from legitimate and trusted sources reduces the risk of adware infections.
- Use an Adblocker: Adware is designed to serve unwanted content to a web browser in the form of advertisements. Adblockers can filter this content, blocking pop-up windows and other ads from being displayed within webpages.
- Apply Updates Regularly: In some cases, adware is delivered by exploiting vulnerabilities on a system. Regularly performing vulnerability scans and applying available updates can help to close these vulnerabilities before they can be exploited to deliver adware or other types of malware.
- Deploy Endpoint Security: Adware is simply another type of malware or unwanted software running on an infected system. An endpoint security system can block adware from being installed on a system or take action in response to a detected malware infection.
Adware Security with Check Point
Unless it’s installed with the consent of the user, adware is malware and poses significant security threats. One of the best ways to protect against infections by adware and other malware is to install an endpoint security solution.
Learn more about what to look for in an endpoint security solution in this buyer’s guide to endpoint security. Then, find out how Check Point Harmony Endpoint can improve your organization’s defenses against adware and other threats by signing up for a free demo.